CyberNews Briefs

500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again.

For the second time this year, security researchers discovered that the popular Android browser apps UC Browser and UC Browser Mini exposed users to man-in-the-middle (MiTM) attacks by downloading third-party components via insecure connections.

In August of this year, Zscaler ThreatLabZ researchers analyzed the two browsers, which have a total of 600 installations on the Google Play Store, only to discover that they downloaded a third-party Android Package Kit (APK) over an unsecured channel. This puts users at risk and also constitutes a violation of Google’s terms and conditions, because Android apps “may not download executable code (e.g. dex, JAR, .so files) from a source other than Google Play.” In March of this year, Doctor Web researchers had noticed similar behavior by UC Browser that put users at risk of MiTM attacks. Both issues have now been resolved.

Read more: 500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.