Canadian cybersecurity experts Citizen Lab Sogou, a mobile keyboard popular in China, transmits all user-typed texts to the servers of Tencent, an IT company from China.
According to experts, the data transfer was carried out secretly so that users do not suspect that their actions are being monitored in any way.
“By analyzing Windows, Android, and iOS versions, we found troubling vulnerabilities in the specially designed EncryptWall encryption system and how it encrypts sensitive data,” the authors of the report said.
According to them, sensitive keystroke data can be completely decrypted as a result of a security breach. Sogou keyboard is still available in app stores.
Tencent acknowledged the vulnerability. According to The Citizen Lab, more than 450 million users were potentially affected by the vulnerability. As a result, passwords, logins, and intimate correspondence can be at Tencent’s disposal.
After a long correspondence with The Citizen Lab, the developers from Sogou agreed to fix the bug and released updates for all versions of the program.
Earlier Android smartphones learned Search for spy tags.