Attention: A function in UC Browser allows hackers to compromise Android devices

Ethical hacking training experts and specialists from the International Institute of Cyber Security (IICS) recommend that users of UC Browser for Android stop using this tool as soon as possible. According to a series of reports, this browser, developed in China, includes a function that a hacker could exploit remotely to download and run malicious code on an Android device.

According to the ethical hacking training experts, UC Browser is one of the most widely used mobile device browsers in India and China, as it has at least 500 million users around the world.

A report published by the cybersecurity firm Dr. Web states that, since 2016, UC Browser has featured a ‘secret function’ that allows developers to download new libraries and modules from their servers and install them on user devices at any time and without any verification.

Investigators believe that this function helps to download new plugins from the company's server over unsecured HTTP instead of HTTPS. According to the ethical hacking training experts, this allows threat actors to perform Man-in-the-Middle (MiTM) attacks and load malicious modules into compromised devices. “The UC Browser plugins lack any digital signature, so the browser could launch malicious modules without any verification”, Dr. Web experts mentioned.
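The two checks whose absence is described above (an encrypted transport and a digital signature on the module) can be combined into a gate that runs before any downloaded code is loaded. The following Java sketch is an added example, not code from UC Browser or from the Dr. Web report; the class name, the URLs and the throwaway key pair are constructed for illustration, and a real app would ship only the vendor's public key.

```java
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;

// Added example: a gate a plugin updater could run before loading a downloaded module.
public class PluginGate {
    // Accept a module only if it came over HTTPS and carries a valid signature
    // from the vendor key pinned inside the app (hypothetical helper).
    static boolean accept(URI source, byte[] module, byte[] sig, PublicKey pinned) {
        if (!"https".equalsIgnoreCase(source.getScheme())) {
            return false; // plain HTTP: content can be replaced in transit
        }
        try {
            Signature v = Signature.getInstance("SHA256withECDSA");
            v.initVerify(pinned);
            v.update(module);
            return v.verify(sig);
        } catch (GeneralSecurityException e) {
            return false; // malformed signature or unusable key: fail closed
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed test data: a throwaway key pair stands in for the vendor key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        KeyPair vendor = gen.generateKeyPair();

        byte[] module = "constructed plugin bytes".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(vendor.getPrivate());
        s.update(module);
        byte[] sig = s.sign();

        byte[] swapped = "module replaced in transit".getBytes(StandardCharsets.UTF_8);
        URI https = URI.create("https://updates.example.invalid/plugin.so");
        URI http = URI.create("http://updates.example.invalid/plugin.so");

        System.out.println("https + valid signature: " + accept(https, module, sig, vendor.getPublic()));
        System.out.println("https + swapped module:  " + accept(https, swapped, sig, vendor.getPublic()));
        System.out.println("http  + valid signature: " + accept(http, module, sig, vendor.getPublic()));
    }
}
```

The signature check is the one that matters most: it rejects a replaced module even when the transport is trusted, while HTTPS alone only protects the download in transit.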

This feature allows browser developers to download and execute arbitrary code without having to install a new version of the app, so UC Browser also fails to comply with the Play Store policy, as it tries to bypass the Google servers.

The researchers found this malicious feature in all versions of UC Browser released to date. Compromised applications are still available for download from the official Google Play Store; the main recommendation for users is to uninstall UC Browser applications and perform scans to detect any malware samples present on their devices due to this insecure practice.