Android UC Browser update - signs into random Facebook & Youtube accounts w/ full acc

acr1965 · Jan 6, 2012

I am using the UC Browser on my Android phone. Today I noticed there was an update available so I downloaded and installed. Then I decided to go to my Facebook page and had to re-log in to the page. Once logged in I saw I was on someone else's page - some guy from India. Full access to his account. I made a post on the UC Browser page and then saw other people were also complaining about being logged into some "random person's" Facebook page. Could the UC Browser just have a bug? Or could this be some sort of intentional wrongdoing gone awry?

BTW- there seems to be a huge number of UC browser users. Considering many of these users may also have Facebook accounts I could see where there was possibly a major security breach of accounts and passwords.

acr1965 · Jan 7, 2012

Here is the UC Browser's page in the Android market -
https://market.android.com/details?...t=W251bGwsMSwxLDEsImNvbS5VQ01vYmlsZS5pbnRsIl0.

There are multiple reviews of being signed in to random facebook accounts.

elapsed · Jan 8, 2012

The only way I can imagine that happening is if the app itself is designed to sync passwords, cookies, etc, so saves them in the cloud. If they somehow screwed up account matching there would probably be a massive outcry from users that would destroy the app/company.

I can't really imagine any other way for it to log you in to a random account, but yes, it sounds very scary.

acr1965 · Jan 8, 2012

I think one of the main problems at this point is the random Facebook sign-in has not been able to be replicated. I did not have a screenshot app at the time or I would have tried to document the problem. There's been a few other similar complaints- but no response from the developer at all.

acr1965 · Jan 10, 2012

story and fix -
http://news.softpedia.com/news/UC-B...in-Issue-Fixes-it-on-Its-Backend-245434.shtml

elapsed · Jan 10, 2012

Here is what they really did:

“1. Stop saving cookie on our servers, just let the client save local cookies, which means users can login your own account, not other ones anymore;

2. Currently users can re-login into their accounts without any problem;

3. Our cookie server met a problem which has just been fixed and it will not appear again.”
Click to expand...

Sounds like an app I wouldn't touch with a 10ft pole. But then again, I've always been the cautious type when I download apps. I always check what the app requests access to (e.g. camera, contacts, internet, etc), if it makes sense, and if I trust them with that information.

Log in or Sign up

Android UC Browser update - signs into random Facebook & Youtube accounts w/ full acc

acr1965 Registered Member

acr1965 Registered Member

elapsed Registered Member

acr1965 Registered Member

acr1965 Registered Member

elapsed Registered Member

Log in or Sign up

Android UC Browser update - signs into random Facebook & Youtube accounts w/ full acc

acr1965 Registered Member

acr1965 Registered Member

elapsed Registered Member

acr1965 Registered Member

acr1965 Registered Member

elapsed Registered Member

Useful Searches