Skip to main content
News

Encryption Vulnerabilities in Cloud-Based Chinese Keyboard Apps

By May 14, 2024May 17th, 2024No Comments

Broadcom Threat Bulletin brings attention to a critical cybersecurity concern: over a billion users of cloud-based Chinese language keyboard apps may be vulnerable to unauthorized surveillance due to flawed encryption practices, according to a new study by Citizen Labs.

Encryption Vulnerabilities in Cloud-Based Chinese Keyboard Apps

Broadcom Threat Bulletin brings attention to a critical cybersecurity concern: over a billion users of cloud-based Chinese language keyboard apps may be vulnerable to unauthorized surveillance due to flawed encryption practices, according to a new study by Citizen Labs.

The study examined nine commonly used cloud-based pinyin keyboards, including those from famous smartphone brands. Alarmingly, all but one exhibited poor encryption of data between the app and the cloud backend, leaving users vulnerable to interception of their pinyin inputs by malicious actors.

These findings underscore the grave potential for mass surveillance, raising urgent concerns about user privacy and data security. Researchers have alerted affected brands, prompting many to take corrective action. Users are advised to remain vigilant and seek updates from their phone vendors to mitigate this risk.