Shenfish: Cloud input method with up to one billion users may have leaked input content, please take immediate action to reduce risks
ChainCatcher news: Shenfish stated on social media that cloud input methods with up to one billion users may have leaked input content. If you have entered mnemonic phrases or other sensitive information through any of the following cloud input methods, please take immediate action to reduce risks.
The study covers nine manufacturers, including Baidu, Honor, Huawei, iFlytek, OPPO, Samsung, and Tencent, and analyzes whether their process of sending user input content to the cloud contains security flaws.
The analysis results indicate that, among the nine manufacturers, the input method software of eight contains serious vulnerabilities, allowing us to fully crack the encryption methods designed by the manufacturers to protect user input content. Some manufacturers also did not use any encryption methods to protect user input content.
Based on this study and the vulnerabilities found in our previous research on Sogou Input Method, we estimate that up to one billion users are affected by these vulnerabilities.