Insecure UC Browser Feature Exposes Android Phones to Remote Hijack


Beware of the UC browser you have installed on your Android phone! You should consider uninstalling it at the earliest. The Chinese-made UC browser comes with a questionable feature that lets remote attackers hijack users' Android phones by automatically downloading and executing code on them. The UC browser is developed by Alibaba-owned UCWeb and is one of the most popular mobile browsers, specifically in China and India, with a massive user base of over 500 million users worldwide. According to a new report published by the firm Dr. Web, since 2016 the UC browser for Android smartphones has carried a hidden feature that permits the company to download new libraries and modules from its server at any time and install them on users' mobile devices.

A further concern is that the feature downloads new plugins from the company's server over the insecure HTTP protocol rather than the encrypted HTTPS protocol, which permits remote attackers to perform man-in-the-middle (MiTM) attacks and push malicious modules to targeted smartphones. To perform a MiTM attack through the UC browser, cybercriminals only need to hook the server response from “” and replace the link to the downloadable plug-in and the values of the attributes to be verified. The UC browser will then access a malicious server to download and launch a Trojan module.
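The gap described above, as an added example that is not from the original article or from UCWeb: a check that compares the module against attributes taken from the same unauthenticated response, beside a check that requires an HTTPS link and a signature over link and digest under a key shipped inside the app. The key pair, host names, module bytes and the manifest layout (link plus SHA-256 digest) are all constructed assumptions.

```java
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class ModuleUpdateCheck {
    static byte[] sha256(byte[] data) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }
    // Bytes covered by the signature: the download link and the module digest together.
    static byte[] signedBytes(String url, byte[] digest) {
        return (url + "\n" + Base64.getEncoder().encodeToString(digest)).getBytes(StandardCharsets.UTF_8);
    }
    // Weak: the digest to compare against arrives in the same unauthenticated response as the link.
    static boolean weakAccept(String url, byte[] claimedDigest, byte[] module) throws Exception {
        return MessageDigest.isEqual(claimedDigest, sha256(module));
    }
    // Hardened: HTTPS link only, and link + digest must verify under a key shipped inside the app.
    static boolean hardenedAccept(PublicKey pinned, String url, byte[] claimedDigest,
                                  byte[] sig, byte[] module) throws Exception {
        if (!"https".equalsIgnoreCase(URI.create(url).getScheme())) return false;
        Signature v = Signature.getInstance("SHA256withECDSA");
        v.initVerify(pinned);
        v.update(signedBytes(url, claimedDigest));
        return v.verify(sig) && MessageDigest.isEqual(claimedDigest, sha256(module));
    }

    public static void main(String[] args) throws Exception {
        // Constructed key pair standing in for the vendor's signing key (assumption).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        KeyPair vendor = gen.generateKeyPair();
        // Constructed genuine response: link, module bytes, digest and vendor signature.
        String url = "https://updates.example.invalid/module.so";
        byte[] module = "genuine module".getBytes(StandardCharsets.UTF_8);
        byte[] digest = sha256(module);
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(vendor.getPrivate());
        s.update(signedBytes(url, digest));
        byte[] sig = s.sign();
        // Constructed rewritten response: link and digest attribute both replaced in transit.
        String url2 = "http://other.example.invalid/module.so";
        byte[] module2 = "substituted module".getBytes(StandardCharsets.UTF_8);
        byte[] digest2 = sha256(module2);
        System.out.println("weak check, rewritten response:     " + weakAccept(url2, digest2, module2));
        System.out.println("hardened check, rewritten response: " + hardenedAccept(vendor.getPublic(), url2, digest2, sig, module2));
        System.out.println("hardened check, genuine response:   " + hardenedAccept(vendor.getPublic(), url, digest, sig, module));
    }
}
```

Because the signature covers the link and the digest together, replacing either one invalidates it, and the original signature cannot be reused for a substituted module.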

Because the feature enables arbitrary code to be downloaded and executed on users' devices without reinstalling a full version of the UC browser app, it also violates Google Play Store policy by bypassing Google's servers. The feature is present in both UC Browser and UC Browser Mini, leaving both open to remote hijack.

