.png)
According to a source, cybersecurity experts have issued a warning on a "privacy-friendly" web browser that has the potential to function as malware. It is referred to as the Universe Browser, has millions of installs, and poses security risks to users. According to reports, the browser secretly downloads a number of apps that secretly operate in the background and routes its connections through Chinese servers. According to researchers, keylogging, modifications to the device's network settings, and covert connections are some of its concealed components.
The Risks Associated with the Universe Browser
The United Nations Office on Drugs and Crime (UNODC) Regional Office for Southeast Asia and the Pacific, in partnership with cybersecurity company Infoblox, released a report detailing the Universe Browser's results.
The researchers claim that despite being marketed as "privacy-friendly," the web browser includes hidden capabilities including keylogging that may record each keystroke a user makes on a keyboard. Additionally, it is said to feature covert connections to remote servers and background activities that modifies device settings. Developer tools, right-click menus, and even important browser security features may all be turned off with the Universe Browser.
According to the study, when the browser launches, it looks for the user's location, language, and if a virtual machine is operating. Additionally, it allegedly installs two browser extensions, one of which enables screenshot uploading to associated domains.
Notably, all of these characteristics were shown to be compatible with malware, including remote access trojans (RATs), which are quickly proliferating through Chinese online gaming sites.
Researchers pointed out that the browser can be downloaded from casino websites for iOS and Windows devices, even though it isn't accessible on the Google Play Store. Additionally, it may be sideloaded onto Android devices as an APK.
As part of a multibillion-dollar cybercrime ecosystem in Southeast Asia, the cybersecurity company found that it was connected to a network of illicit gambling websites and cybercrime organizations that operate in Cambodia. Corporate documents, court filings, and legal records contained many references to the Universe Browser, including connections to an internet gambling corporation named BBIN and its affiliates.
According to reports, the Universe Browser may be used as a tool to identify "wealthy players and obtain access to their machines," yet experts were unable to confirm if it was being used maliciously.
