![]() Using MiTM, attackers can spy on the device and intercept or change its communications," says Zscaler. "Because UC Browser downloads an unknown third-party app to devices over unsecured channels, those devices can become victim to man-in-the-middle (MiTM) attacks. UCWeb subsequently updated and fixed the issues in both apps seeing that Zscaler later discovered that they stopped dropping third-party APKs on their users' Android devices. On September 27 Google confirmed the UC Browser and UC Mini issues discovered by the researchers and reached out to UCWeb to "update the apps and remediate the policy violation." Zscaler reported the UC Browser's policy violation issues to Google on August 13 and exchanged e-mails with Google's team until September 25. Dropping an APK on external storage (/storage/emulated/0) Security and privacy issues fixed.Communication over an unsecured channel – opening doors to man-in-the-middle attacks. ![]() Downloading an additional APK from a third party – in violation of Google Play policy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |