The Universe Browser’s features were reported to be consistent with remote access trojans (RATs) and other malware.
The browser can be downloaded from casino websites for Windows and iOS devices
Click Here to Add Gadgets360 As A Trusted Source
Cybersecurity researchers have warned about a “privacy-friendly” web browser that can act as malware itself, according to a report. Dubbed the Universe Browser, it is said to have an install base in millions and raises security implications for users. The browser reportedly routes its connections through servers in China and quietly installs several programs that covertly run in the background. Researchers say its hidden elements include keylogging, changes to the network configurations of the device, and surreptitious connections.
Universe Browser and Its Threats
Cybersecurity firm Infoblox, in collaboration with the United Nations Office on Drugs and Crime (UNODC) Regional Office for Southeast Asia and the Pacific, shared the findings about the Universe Browser in a report.
As per the researchers, the web browser, advertised as “privacy-friendly”, has hidden features such as keylogging, which can record every keystroke that a user types on a keyboard. It is also claimed to have background activity that alters device settings and discreet connections to external servers. The Universe Browser can disable right-click menus, developer tools, and even key browser security protections.
The report states that the browser checks for the user’s location, language, and whether it is running a virtual machine upon launch. It is also said to install two browser extensions, one of which can allow screenshots to be uploaded to domains linked to it.
All of these features, notably, were reported to be consistent with remote access trojans (RATs) and other malware, which is increasingly spreading via online gambling platforms based in China.
While it isn’t available on the Google Play Store, researchers highlighted that the browser can be downloaded from casino websites for Windows and iOS devices. It is also available as an APK for sideloading onto Android devices.
The cybersecurity firm discovered that it was linked to a network of illegal gaming websites and cybercrime groups that operate in Cambodia, part of a multibillion-dollar cybercrime ecosystem in Southeast Asia. Several references to the Universe Browser were found in corporate documents, legal records, and court filings, including links to an online gambling company called BBIN and its subsidiaries.
Although researchers were unable to verify if the Universe Browser was used for malicious purposes, it reportedly has the potential to serve as a tool for identifying “wealthy players and obtain access to their machines.”
