QQ Internet Browser

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of the information contained in this page is at your own risk.

Summary

QQ Browser is a Windows and Android internet browser produced by the Chinese technology company Tencent. It is one of the most popular internet browsers worldwide, although it has only a small percentage of UK users.

Affected platforms

The following platforms are known to be affected:

Threat details

QQ Browser collects large amounts of data about the user, the device and the sites visited, and transmits it to several URLs. On mobile devices it will collect:

  • Both the International Mobile Equipment Identifier (IMEI) and the International Mobile Subscriber Identifier (IMSI)
  • Android device ID
  • Device WiFi MAC address
  • All in-range WiFi access point names and MAC addresses

On Windows devices it will collect:

  • A hardware fingerprint of the network MAC address and hard drive serial, model and controller version numbers
  • Windows version and build
  • Windows user security identifier
  • Internet Explorer version

Both versions collect the IP address, device hostname, full URL name, search history and Q-GUID unique user string.

This data is either unencrypted or is encrypted using hard-coded keys and as such is easily decrypted; it is also sent using HTTP. The ease with which an attacker could obtain the information poses a significant threat to any user, with both man-in-the-middle attacks and data theft easily achievable.
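
One way to check egress proxy logs for the unencrypted case described above is to look for query parameters, sent over plain HTTP, that have the shape of the identifiers this alert lists. This is an added example, not part of the original alert and not derived from QQ Browser's actual traffic: the host name, parameter names and identifier values are constructed placeholders, and data encrypted with hard-coded keys would not be caught by this check.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Shapes of identifiers named in the alert: MAC address, Windows SID, IMEI/IMSI.
MAC_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}$")
SID_RE = re.compile(r"^S-1-5-21(?:-\d+){3,4}$")
DIGITS15_RE = re.compile(r"^\d{15}$")

# Constructed sample URLs; host and parameter names are placeholders.
SAMPLE_URLS = [
    "http://collector.example.test/r?dev=490154203237518&sub=001010123456789",
    "http://collector.example.test/r?wifi=00:1A:2B:3C:4D:5E&q=weather",
    "http://collector.example.test/w?sid=S-1-5-21-1111111111-2222222222-3333333333-1001",
    "https://collector.example.test/r?dev=490154203237518",
]

def luhn_ok(digits):
    """True if the digit string passes the Luhn check that IMEIs carry."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(value):
    """Return the identifier type a parameter value looks like, or None."""
    if MAC_RE.match(value):
        return "mac"
    if SID_RE.match(value):
        return "windows_sid"
    if DIGITS15_RE.match(value):
        # IMSIs are also 15 digits but have no check digit.
        return "imei" if luhn_ok(value) else "imsi_or_other_15_digit"
    return None

def find_cleartext_identifiers(urls):
    """List (host, parameter, kind) for identifiers sent over plain HTTP."""
    findings = []
    for url in urls:
        parts = urlsplit(url)
        if parts.scheme != "http":
            continue  # HTTPS query strings are not visible on the wire
        for name, value in parse_qsl(parts.query):
            kind = classify(value)
            if kind:
                findings.append((parts.hostname, name, kind))
    return findings
```

Hits should be treated as leads to review rather than confirmed leaks, since other 15-digit values can pass the Luhn check by chance.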

Several vulnerabilities also exist in the update process used by QQ Browser, two of which could allow a remote attacker to execute arbitrary code on the affected device.


Remediation steps

Users should consider alternative well-known internet browsers such as Google Chrome, Microsoft Edge or Mozilla Firefox.

Last edited: 17 February 2020 12:53 pm