Android UC Browser update - signs into random Facebook & Youtube accounts w/ full acc

Discussion in 'other security issues & news' started by acr1965, Jan 5, 2012.

Thread Status:
Not open for further replies.
  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I am using the UC Browser on my Android phone. Today I noticed there was an update available so I downloaded and installed. Then I decided to go to my Facebook page and had to re-log in to the page. Once logged in I saw I was on someone else's page - some guy from India. Full access to his account. I made a post on the UC Browser page and then saw other people were also complaining about being logged into some "random person's" Facebook page. Could the UC Browser just have a bug? Or could this be some sort of intentional wrongdoing gone awry?

    BTW- there seems to be a huge number of UC browser users. Considering many of these users may also have Facebook accounts I could see where there was possibly a major security breach of accounts and passwords.
     
    Last edited: Jan 6, 2012
  2. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
  3. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    The only way I can imagine that happening is if the app itself is designed to sync passwords, cookies, etc, so saves them in the cloud. If they somehow screwed up account matching there would probably be a massive outcry from users that would destroy the app/company.

    I can't really imagine any other way for it to log you in to a random account, but yes, it sounds very scary.
     
  4. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I think one of the main problems at this point is the random Facebook sign-in has not been able to be replicated. I did not have a screenshot app at the time or I would have tried to document the problem. There's been a few other similar complaints- but no response from the developer at all.
     
  5. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
  6. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Sounds like an app I wouldn't touch with a 10ft pole. But then again, I've always been the cautious type when I download apps. I always check what the app requests access to (e.g. camera, contacts, internet, etc), if it makes sense, and if I trust them with that information.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.