500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again.

[silversurfer]

The highly popular UC Browser and UC Browser Mini Android apps, with a total of over 600 million Play Store installs, exposed their users to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels.
 
Doing this is in direct violation of Google's app store rules as Android apps "distributed via Google Play may not modify, replace, or update itself using any method other than Google Play's update mechanism," 
"Likewise, an app may not download executable code (e.g. dex, JAR, .so files) from a source other than Google Play," as Google also states on the Play Store's Privacy, Security, and Deception rules.
 
While analyzing the apps' behavior, Zscaler ThreatLabZ researchers discovered the following three issues:
• Downloading an additional APK from a third party – in violation of Google Play policy
• Communication over an unsecured channel – opening doors to man-in-the-middle attacks
• Dropping an APK on external storage (/storage/emulated/0)

Read more here: https://www.bleepingcomputer.com/news/se...cks-again/