Mi Browser and Mint Browser used by hacker for hacking Mi Smartphones

MI Browser and Mint Browser used by hacker for hacking MI smartphones released recently in the news warn mi users from using Mi Browser and Mint Browser as both of these browser applications have been identified having a major vulnerability which can lead them getting hacked by hackers. 

Mi Browser and Mint Browser – About

MI Browser and Mint Browser both are browser application developed, maintained and introduced by Mi Company. Both Mi Browser and Mint browser server as an android browser application which are very light weight. Mi Browser always comes preinstalled with mi smartphones which are manufactured by the Chinese Xiaomi company whereas Mint Browser can be installed or uninstalled from the smartphone using android play store.

MI Browser and Mint Browser both are available in the Google play Store to download for android users and most probably available to download in ios devise also from the app store which is dedicated for ios users. Both the browser applications are available to download for free from either of the app stores.

Mi Browser and Mint Browser used by hackers for hacking Mi smartphones – Really Possible?

Yes, MI Browser and Mint Browser are being used by hacker for hacking MI smartphones. Also this vulnerability can be used in such an easy manner that even beginner or people who don’t possess the knowledge of hacking can even perform hacking attacks using this high risk vulnerability which has been discovered in the MI Browser and Mint Browser.

Mi Browser and Mint Browser used by hacker for hacking Mi smartphones –Why Dangerous?

Both the web browser – Mi Browser and the Mint browser applications created by the Xiaomi Company are vulnerable to a critical vulnerability as you know till now. But the main area of focus is, that this vulnerability has not yet been patched by the Xiomi Company even after being privately reported to the company, a researcher told Kali4hacking.

Hacking Mi Smartphones using Mi Browser – About the Vulnerability

The vulnerability was identified as CVE-2019-10875. This vulnerability in Mi Browser and Mint Browser was discovered by a security researcher named Arif Khan. This vulnerability is a browser address bar spoofing issue that generally originates because of a common logical flaw in the android application browser's interface which allows any website or the attacker to control the URLs which he/she wants to be displayed in the address bar of the Mi Smartphone which has Mi browser or Mint Browser installed.

Hacking Mi Smartphones – How Does it Work

According to the security researcher the affected browser application’s  didn’t properly handled the "q" query parameter in the URLs which are in the address bar of the application, and so they fail to display the starting portion of an https (Secure transfer protocol) URL before the ?q= substring in the address bar which can be added by anyone.

As we know that the address bar of any web browser is the most reliable thing which displays the security of any website as a very essential security indicator so the flaw can be used to easily trick and hack any Xiaomi user making them actually being made visited to a phishing website to trap them.

Phishing attacks, today are the most common and sophisticated increasing number of attack which is difficult to spot. This URL from the address bar of the browser spoofing vulnerability can be taken to a much higher level which can allow anyone to bypass the basic security indicators in the Mi Browser or the Mint Browsers address bar, which is the first and foremost thing any user checks to determine whether the visiting website is secure or not.

Mi Smartphones Vulnerable and getting Hacked – Key Questions

Question 1: Why only the international version of both the browser applications vulnerable to this threat while the domestic versions are completely secured.

It is very difficult to understand why only the international variants of these browser applications vulnerable to this threat while the domestic versions are highly secured and do not contain this vulnerability.

Question 2: If not then is Mi Company supporting data leakage of Indian Users as well as other users? Are these Chinese manufacturers intentionally making vulnerable products?

Question 3: Why was the total bug bounty of $198 only given to the cyber security researcher why found out this critical flaw which has affected more than millions of users worldwide?

Security Measures – Conclusion

To secure yourself and everyone else, the mi users must know how to overcome phishing attacks. The vulnerable users best suggested by me should uninstall Mint Browser if they have installed it and block/Stop using Mi Browser which comes preinstalled in Mi devices.

Comment below your thoughts regarding the arising questions and also your thought about it. Also do share this post and follow our social media accounts mentioned in the upper right corner of the website.