As a result, the web client will access a malicious server to download and launch a Trojan module.
However, due to the MITM substitution, the web client downloads and launches a different library.
This library then creates a text message that says, PWNED!.
It also fails to comply with the Play Store policy, as it tries to bypass the Google servers.
This violates Googles rules for software distributed in its app store.
These rules were applied to prevent the distribution of modular trojans that download and launch malicious plugins.
Doctor Web specialists contacted the developer of both browsers, but they refused to comment on the matter.
As a result, the malware analysts reported the issue to Google.
Source:THN
Read More
source: www.techworm.net
