Shenyu: Cloud input methods with up to one billion users may have leaked input content. Please take immediate measures to reduce the risk.

According to BlockBeats, on April 29, Shenyu said on the social platform that up to one billion users' cloud input methods may have leaked their input content. If users have entered mnemonics or other sensitive information through any of the following cloud input methods, please take immediate measures to reduce the risk. · Including nine manufacturers including Baidu, Honor, Huawei, iFlytek, OPPO, Samsung, and Tencent, and analyzed whether their process of sending user input content to the cloud contains security flaws. · The analysis results show that eight of the nine manufacturers' input method software contain serious vulnerabilities, allowing us to completely crack the encryption method designed by the manufacturer to protect user input content. Some manufacturers also do not use any encryption method to protect user input content. · Combining this study with the Sogou input method vulnerabilities found in our previous research, we estimate that up to one billion users are affected by these vulnerabilities.