DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 7, 2020 
Main Menu
News archives

Who's Online
There are currently 61 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Maxthon browser secretly sends sensitive user data to Chinese web server

Posted on Friday, July 15 2016 @ 18:10:36 CEST by

Polish security firm Exatel and US-based Fidelis Cybersecurity discovered that Chinese web browser has secretly been collecting sensitive data from its users. It's an alarming discovery as Maxthon was widely regarded as a safe piece of software. It's not as widely used as the more popular browsers like Chrome and Firefox, but with a global marketshare of around 0.75 to 1 percent it can be found on hundreds of millions of PCs.

Maxthon periodically uploads content to a webserver located in Beijing, China. The file is purported to be “image/pjpeg” but a closer look reveals it's actually an encrypted zip file with a dat.txt file.

Once the security researchers figured out how to decrypt the dat.txt file, they discovered Maxthon phones home an astonishing amount of user data. This includes details about not only your PC configuration, but all websites you've visited, you're entire search history and a list of all installed programs including their version number:
  • OS version, screen resolution.
  • CPU type/speed and amount of memory installed.
  • Location of the Maxthon executable.
  • Status of adblock (enabled or not, number of ads blocked).
  • Homepage URL.
  • Each and every full URL that the user visited (including the user’s google searches).
  • List of installed applications including their version numbers.
  • Maxthon data file

    Maxthon claims this behaviour is part of the company's User Experience Improvement Program’s (UEIP) to help with debugging and performance. A browser setting allows you to disable UEIP but Exatel and Fidelis observed data is being sent back to Maxthon regardless of the user's selection to participate in UEIP!

    Not only is this level of surveillance worrying, Fidelis Cybersecurity also notes the data contains everything an attacker could need to craft a highly targeted attack. As such, Maxthon users would do well to remove the browser asap as it's essentially spyware. This is quite ironic as Maxthon markets itself as a browser with a tight focus on security and privacy, an image it banked on after the 2013 NSA surveillance scandal.



    DV Hardware - Privacy statement
    All logos and trademarks are property of their respective owner.
    The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba