Chinese browser Maxthon grants admin rights to malware
Security-focused Chinese web browser Maxthon contains an easily exploitable vulnerability that could give hackers administrative rights on Windows computers, granting them control over an operating system, cybersecurity researchers have found.
Why it matters: Maxthon International, the browser’s developer, claims that 670 million internet users worldwide utilize its software as their default browser. TechNode was unable to verify the claim.
- The company had a market share of around 1% in China at the end of 2016 and has pushed gain traction in the international market since 2017.
- Maxthon has not been free from controversy. The company was previously accused of sending personal data from international users back to China, including browsing history and information about their computers.
- The company positioned its browser as being secure and private following Edward Snowden’s 2013 revelations that detailed actions of the US National Security Agency’s once-clandestine global data collection program.
Details: The vulnerability could give malware, and thereby malware authors, administrative rights on Windows computers they have already infected and on which the browser is installed, researchers from US-based cybersecurity firm Safebreach said a report shared with TechNode. Administrative rights allow a user to install, modify, and delete software and files on a computer.
- Maxthon was not immediately available for comment when reached by TechNode on Thursday.
- The vulnerability affects Maxthon 5 browsers, the latest major release by the company.
- The bug also could allow attackers to execute malicious code every time a computer is started up.
- The nature of the vulnerability makes it difficult for security products to detect, the researchers said.
- Safebreach reported to issue to Maxthon in September, with the company confirming its existence later that month, Safebreach said.
Context: In 2016, Polish researchers found that Maxthon browsers sent details about users’ operating systems, homepages, web and search history, and installed applications back to servers in China, albeit in encrypted form.
- Despite the encryption, the researcher said that the data could be intercepted while in transit between a user and the company.
- Maxthon previously claimed that users could opt out of the data collection program, which the company said was aimed at improving its service. However, the researchers found that the data was collected even when users opted out.