Since the introduction of the UC Browser, it has become one of the most popular browsing apps with a whopping 600 million users globally. Although the app has received an overwhelming response so far, recent URL spoofing attacks have raised many questions on the security and vulnerability of the users’ data.
Security researcher Arif Khan who has recently found and later informed about this bug to the security team of the app explained the whole process of spoofing. To make it easier for the beginners, it is very important to know about the URL spoofing before looking for an active remedy.
When asked about the reason, Mr. Arif Khan explained that the main reason this is actually happening is that some browsers are using bad regex checks. By using these cheap regex checks, they are trying to enhance the user experience by displaying just the main search term, when the user uses other search engines like Google.
Read next: 10.4 Percent of Android Devices Run the Latest Version, still far behind Apple
Featured Photo: Bloomberg / Getty
Security researcher Arif Khan who has recently found and later informed about this bug to the security team of the app explained the whole process of spoofing. To make it easier for the beginners, it is very important to know about the URL spoofing before looking for an active remedy.
What is URL spoofing?
URL spoofing is the process that bad actors use to attack the system, this enables them to change the URL that has been displayed in the address bar and then trick the user to think that the website that has been loaded is actually being controlled by a trusted party. User feel like their data is safe, but on the other hand, their data is being tracked and controlled by the attackers who have complete access to everything. Since the user is unaware that he is being watched, the attackers lead him to various sites where his complete data is replicated and the hacker then steal the data or drop malware on the user’s device.- Also read: Hackers can now land you on a scam website without your knowledge, thanks to the new Chrome Exploit!
How dangerous is URL spoofing issue?
Most of the users when realize about the problem, it’s too late for them to recover. This is the reason they commonly ask how terrible is the URL spoofing problem. The answer to this question is quite simple, the URL address bar spoofing is one of the worst kinds of phishing attack. This spoofing is known to be the only way to spot the site that the user is visiting, in short, the attacker can have access to the complete browsing history.Unpatched URL Address Bar Spoofing Vulnerability affecting UC Browser and UC Browser Mini latest versions, 12.11.2.1184 and 12.10.1.1192— Arif Khan (@payloadartist) May 8, 2019
Payload:
www[.]google[.]com.attacker.domain/?q=www.facebook[.]com
Writeup: https://t.co/TCl4GZlqw6
UC Browser PoC: pic.twitter.com/9FEvs8Gna8
When asked about the reason, Mr. Arif Khan explained that the main reason this is actually happening is that some browsers are using bad regex checks. By using these cheap regex checks, they are trying to enhance the user experience by displaying just the main search term, when the user uses other search engines like Google.
What can be done?
The good news is that some of the older versions of the UC Brower are still secure which means the recent changes have made the browser vulnerable to this malfunction. To completely remove this bug, the team needs to inspect that changes that they have made in recent time that might have made the browner vulnerable.Read next: 10.4 Percent of Android Devices Run the Latest Version, still far behind Apple
Featured Photo: Bloomberg / Getty