Eight of nine major Chinese keyboard apps were found to have vulnerabilities that could be leveraged to expose nearly a billion users’ keystrokes, The Hacker News reports. Input method editor Tencent QQ Pinyin could be impacted by a CBC padding oracle attack facilitating plaintext recovery, while Baidu IME and iFlytek IME could be compromised to enable network transmission decryption and plaintext recovery, respectively, a report from Citizen Lab revealed.
Source: SC Magazine