Source: Maxthon Browser Sends Sensitive Data to China | SecurityWeek.Com
This is not the first time researchers have raised concerns about web browsers developed by Chinese companies. Experts at the University of Toronto’s Citizen Lab have identified security and privacy issues in several popular Chinese browsers, including QQ Browser, UC Browserand Baidu Browser.
Researchers at Fidelis Cybersecurity and Poland-based Exatel recently found that Maxthon regularly sends a file named ueipdata.zip to a server in Beijing, China, via HTTP. Further analysis revealed that ueipdata.zip contains an encrypted file named dat.txt. This file stores information on the operating system, CPU, ad blocker status, homepage URL, websites visited by the user (including online searches), and installed applications and their version number.
While dat.txt is encrypted, experts easily found the key needed to decrypt it, giving them access to the information. Exatel researchers demonstrated how a man-in-the-middle (MitM) attacker could intercept the data as it travels from the client to the Maxthon server in China.
This is not the first time researchers have raised concerns about web browsers developed by Chinese companies. Experts at the University of Toronto’s Citizen Lab have identified security and privacy issues in several popular Chinese browsers, including QQ Browser, UC Browserand Baidu Browser.