News

Published on October 19th, 2019 📆 | 6997 Views ⚑

0

UC Browser potentially endangers 500 million users


iSpeech

The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk.

UC Browser, which
is available from the Google Play store, was found by Zscaler ThreatLabZ team
to be making some highly questionable moves once downloaded, many of which go
against Google’s stated app policies. It has more than 500 million downloads.

The Google rules broken include altering the app, which is done when a third-party Android Package Kit is dropped onto the device, communicating over an unsecured channel and dropping an APK into external storage.

The third-party
APK, which is sent through HTTP not HTTPS, that is dropped is not actually
installed, but just resides in the external storage. The fact that the APK does
nothing has stumped the researchers, but the working theory is the full functionality
may still under development or it simply is having troubles completing the install
process.

“It is too
early to determine exactly what the UC Browser developers intended with their
third-party APK, but it is clear that they are putting users at risk. And with
more than 500 million downloads of UC Browser, that is a significant threat,”
the report
said.

ThreatLabZ
took the extra step and manually installed it to see what would happen and found
it to be a third-party app store named 9 Apps. 9 Apps immediately scans the
device’s apps and then offers up several additional apps to the device owner,
including adult apps.

Even if the
APK is not dangerous using an unsecured channel to download it opens the user
to man-in-the-middle attacks that ca result in additional downloads, spying,
displaying phishing messages that could lead to data being stolen.





These
promoted apps do exist and can be downloaded, but the connection with 9 Apps
also continues in the background with ThreatLabZ noting that in the following
weeks the 9 Apps domain attempted to push through additional APKs to the device.

9 Apps was
not found to be a dedicated malicious site, Zscaler searched it using VirusTotal
which detected a number of detections.

Google was notified of what was transpiring and the ThreatLabZ team noticed it then no longer downloaded the third-party app store.

UC Browser was
developed by the Singapore/China-based mobile internet company UCWeb, which is
in turn owned by the Chinese-owned Alibaba Group.

Source link

Tagged with:



Comments are closed.






© Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑