Hackers May Exploit UC Browser Design Flaw To Deliver Malware

The Chinese UC browser has become immensely popular among Android users. Almost every other Android phone has this browser installed by default. It means every other Android phone is vulnerable to malware attack! According to a recent report, this UC browser has an in-built design fault that the hackers may exploit to deliver malware.

UC Browser Exploited To Deliver Malware

In a recent blog post, Dr. Web researchers reveal a scary fact about the popular Chinese browser for Android phones – the UC browser. They found a critical design flaw with the browser that makes it risky for the users. The hackers may exploit the browser’s weakness for malware attacks.

As reported, the researchers found that the browser downloads codes to mobile phones whilst bypassing Google Play servers. It means that the bad actors may exploit this browser to deliver any malicious codes or malware to the target devices. Also, the browser becomes vulnerable to man-in-the-middle (MiTM) attacks.

Explaining about the flaw, the researchers stated,

“To download new plug-ins, the browser sends a request to the command and control server and receives a link to file in response. Since the program communicates with the server over an unsecured channel (the HTTP protocol instead of the encrypted HTTPS), cybercriminals can hook the requests from the application. They can replace the commands with ones containing different addresses. This makes the browser download new modules from the malicious server instead of its own command and control server. Since UC Browser works with unsigned plug-ins, it will launch malicious modules without any verification.”

To validate their speculation, the researchers attempted to exploit this flaw. They demonstrate their attempt in the following video.

What Should You Do?

Presently, the browser shows more than 500 million downloads by Android users (according to Google Play Store). This shows the potentially huge impact of the vulnerability of these browsers in case of a malicious exploit.

Dr. Web confirmed that the vulnerability not only affects UC Browser but also affects its sister app UC Browser Mini – except for the vulnerability to MiTM attacks. The latter app also shows more than 100 million downloads on the Play Store.

The researchers, upon finding the problem, contacted the developers of the browser. However, as stated, they could not receive a comment from the developers. They even contacted Google to report the case, but the app still persists on the Google Play Store. Therefore. The only viable option for the users to protect themselves from potential attacks is to reconsider using the browser.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients