Risks in Hidden UC Browser for Android Feature

More than 500 million Android users have been put at risk of a man in the middle (MITM) attack resulting from a popular web browser's ability to secretly download auxiliary components from the internet, according to blog posts from both Tripwire and Dr.Web. Researchers noted that UC Browser for Android and UC Browser Mini for Android applications have the hidden ability to download and install extra modules from their own servers using unprotected channels and bypassing Google Play's servers altogether, a clear violation of the rules of the Google Play store. "The browser receives commands from the command and control server and downloads new libraries and modules, which add new features and can be used to update the software," the Dr. Web blog stated. "During our analysis, UC Browser downloaded an executable Linux library from a remote server. The library was not malicious; it is designed to work with MS Office documents and PDF files. Initially, this library was not in the browser. After downloading, the program saved the library to its directory and launched it for execution.