Web browser Maxthon has been caught sending detailed information from it users, such as their browsing history and other installed applications to the China based company that develops the software.
Maxthon is a freeware web browser for Windows, OS X and Linux, developed by Chinese company Maxthon Ltd based in Beijing. It is also available on Windows Phone 8, iOS and Android platforms as Maxthon Mobile. It has an estimated worldwide market share of 1% and about 2-3% of all Chinese internet users browses using Maxthon.
Polish security researchers from the company Exatel that the browser regularly sends a ZIP files to server in China. The ZIP file contains all kinds of data about the system of the user and the internet history. Information about the system includes the CPU, memory, the adblocker status and the startpage. Also the URL of all visited websites, Google searches and a list of installed application on the system including their version number is sent to the Chinese company.
The browser has an opt-in setting for users to send specific information as part of Maxthon’s ‘User Experience Program’ but whether the user has this disabled or not, the ZIP file is send to Maxthon. The information that is sent to the Chinese company is perfect for cybercriminals to perform a targeted attack, according to one of the security researchers.