Sogou browser to collect user privacy was leaked

today, some netizens said in professional technical card of rice on the BBS, use QQ account login sogou browser, you can see the thousands of other users’ personal accounts, including QQ, email, alipay, bank account information involves the user, such as property, and even can directly go to the others pay treasure to transfer shopping, and even direct payment transactions.

net friend said in the post, “always use sogou browser, recently updated the new version 4.2, login slow, with a few actually found a big hole sogou browser!” Netizens found that using QQ account login sogou, fast point a few times out, wait a few minutes, sogou browser will automatically download password autofill, favorites, web page updates remind down, is not the content of the user to save in the favorites.

in the form of sogou browser intelligence password saved a lot of web site, taobao, weibo, netease and QQ mailbox. Can even enter taobao account for online transactions.

use QQ account login sogou web accounts

sogou browser in the intelligent function of filling password, save a lot of website on taobao, weibo and so on a large number of users

can be directly on taobao account

can enter the taobao account directly online trading

favorites in a number of other users to save the content of the

there are technical personnel, according to the analysis of this may be is the result of sogou browser vulnerabilities “smart fill out a form” function. Users in the use of QQ account login sogou browser version, sogou browser will automatically download the other user’s account information. This information contains the user taobao, bank, weibo, sina, sohu, netease and QQ mailbox, all account, just click to enter. Moreover, sogou browser to save a large number of users of the information such as account passwords, and favorites, synchronized to the others on the computer.

have technicians will the security vulnerability, and even appeared in the meal card attaches great importance to the video data. Any user can according to the circumstance of Internet has publicly verified. In this way, the core of the tens of millions of users accounts will be landing directly, may cause a large number of users of property loss.

there are technical personnel suggest that it is rare a major safety accident in recent years, before the sogou company to repair the vulnerability, recommend that users do not use this browser. For ever use sogou browser login user account password, also want to modify all the password immediately, especially involving bank, alipay, game accounts, cloud storage, E-mail and other property and privacy of data account.

it is understood that this is not the first time that sogou company Revelations of user privacy related security vulnerabilities. In June this year, on June 5 in the afternoon, the clouds bug report platform release weibo said: “find weibo crazy preach sogou input method leaks, netizens have unearthed a large number of sensitive & amp; Adult content! Long before the flaw the clouds just received a report, white hat and inform the vendor, but the problem has not been effective processing. Sogou input method can lead to a large number of users leak sensitive information.” Vulnerability of Revelations from the sogou “input” multimedia functions of mobile phone input method, using this feature, users can share images, voice, text and other information. Concrete implementation way is: to share the information uploaded to the sogou server, form a can click the link to view.

the sogou company later in an interview with the media, the cloud platform bug report is the sogou holes made no mention of a new platform, saying only that the user’s “input” multimedia information leakage, the problem in the Microsoft search engine grab.

some netizens said that last time just to see other users of the information such as text, voice, images, but this time sogou browser security vulnerabilities have directly affects tens of millions of users’ privacy and property safety.