Editing Maxthon (section)

===Data privacy issues===
In 2016, [[computer security]] researchers from ''Fidelis Cybersecurity'' and ''Exatel'' discovered the browser surreptitiously sending sensitive browsing and system data, such as ad blocker status, websites visited, searches conducted, and applications installed with their version numbers, to remote servers located in Beijing, China. According to Maxthon, the data is sent as part of the firm's 'User Experience Improvement Program' and it is "voluntary and totally anonymous." However, researchers found the data still being collected and sent to remote servers even after users explicitly [[opt-out|opt out]] of the program. The researchers further found the data being sent over an [[plaintext|unencrypted]] connection ([[HTTP]]), leaving users vulnerable to [[man-in-the-middle attack]]s. Fidelis' [[Chief Security Officer]], Justin Harvey, noted the data "contains almost everything you would want in conducting a reconnaissance operation to know exactly where to attack. Knowing the exact operating system and installed applications, and browsing habits it would be trivial to send a perfectly crafted [[Phishing#CITEREFrajput2023|spear phish]] to the victim or perhaps set up a [[watering hole attack]] on one of their most frequented websites."<ref>{{Cite web|url=http://www.securityweek.com/maxthon-browser-sends-sensitive-data-china|title=Maxthon Browser Sends Sensitive Data to China|last=Kovacs, Eduard|date=14 July 2016|publisher=SecurityWeek|access-date=16 July 2016}}</ref><ref>{{Cite web|url=http://www.scmagazine.com/maxthon-browser-sends-personal-data-to-china-and-vulnerable-to-mitm-attacks/article/509634/|title=Maxthon browser vulnerable to Chinese cyberespionage and MitM attacks|last=Abel|first=Robert|date=14 July 2016|work=[[SC Magazine]]|access-date=16 July 2016}}</ref><ref>{{Cite web|url=http://www.zive.sk/clanok/116376/vazna-hrozba-webovy-prehliadac-maxthon-spehuje-vsetko-posiela|title=Vážna hrozba: Webový prehliadač Maxthon špehuje, všetko posiela|last=Koliba|first=Ján|date=16 July 2016|website=www.zive.sk|publisher=[[Ringier]] / [[Axel Springer]]|language=sk|access-date=16 July 2016}}</ref><ref>{{Cite web|url=http://www.golem.de/news/spaehsoftware-maxthon-browser-sendet-sensible-daten-nach-china-1607-122138.html|title=Maxthon-Browser sendet kritische Daten nach China|last=Weisensee|first=Jan|date=15 July 2016|website=Golem.de|language=de|access-date=16 July 2016}}</ref><ref>{{Cite web|url=https://tweakers.net/nieuws/113631/maxthon-browser-stuurt-zonder-toestemming-gegevens-door-naar-server-in-china.html|title=Maxthon-browser stuurt zonder toestemming gegevens door naar server in China|last=Soeteman|first=Krijn|date=15 July 2016|website=[[Tweakers.net]]|publisher=Persgroep Online Services|language=nl|access-date=16 July 2016}}</ref> Maxthon CEO Jeff Chen claimed that this was due to a bug that was fixed as soon as Maxthon was made aware of the issue;<ref>{{Cite news|url=http://www.maxthon.com/blog/security-and-privacy-are-top-priorities-at-maxthon-2/|title=Security and Privacy are Top Priorities at Maxthon - Maxthon Browsers Blog|date=2016-07-14|work=Maxthon Browsers Blog|access-date=2017-05-31}}</ref> however, Exatel had notified Maxthon of the issue without getting any response.<ref>https://exatel.pl/advisory/maxthonreporten.pdf {{Webarchive|url=https://web.archive.org/web/20200519200145/https://exatel.pl/advisory/maxthonreporten.pdf |date=2020-05-19 }} {{Bare URL PDF|date=March 2022}}.</ref> 
The issue was found in Maxthon version 4.4.5. According to Maxthon, it was fixed in later version and no such issue was reported since then.