Abstract
Maxthon is a Chromium-based web browser developed by Maxthon International Ltd., a Beijing-headquartered company founded in 2002. Originally launched as MyIE, the browser has evolved into a multi-platform product available across Windows, macOS, Linux, iOS, and Android. Maxthon positions itself as a privacy-conscious and feature-rich browser, with a suite of built-in security tools including a free VPN, incognito mode, anti-tracking, anti-phishing protection, ad blocking, Do Not Track signalling, and automated data cleaning. This review provides a systematic, evidence-based examination of each of these privacy and security features, evaluating their technical function, practical benefit, and documented limitations in the context of independent research and comparative analysis with competing browsers.
1. Introduction and Browser Context
Maxthon occupies a unique niche in the contemporary browser landscape. It was originally designed as a customisation layer on top of Internet Explorer but has since evolved into a fully independent browser engine. Today, it is one of very few mainstream browsers to bundle multiple advanced privacy tools — most notably a VPN — directly into the core product at no cost.
Despite a rich feature set, Maxthon’s global market share has declined substantially and now sits at under 0.3% on desktop platforms. Independent comparative analysis rates the browser “Fair (with caveats)” on overall privacy, noting a persistent trust deficit in Western markets stemming from its Chinese corporate origin and documented historical incidents of unauthorised data transmission. Nevertheless, Maxthon retains an active user base estimated in the tens of millions and continues to appeal to users who prioritise productivity, cloud synchronisation, and blockchain integration alongside privacy tools.
This review examines each major privacy feature in turn, covering its design purpose, implementation, potential benefits, and critical limitations.
2. Incognito Mode (Private Browsing)
2.1 Feature Description
Maxthon’s incognito mode is a session-isolated browsing environment that prevents the retention of browsing history, cookies, cached files, and form data once the session is terminated. It is accessible via the browser menu and functions analogously to Chrome’s incognito mode or Firefox’s private window, albeit with one architectural distinction: Maxthon’s data isolation architecture is designed so that session data from one browsing context cannot bleed into another, providing a degree of compartmentalisation beyond simple history suppression.
2.2 Practical Benefits
The primary utility of incognito mode is the protection of local device privacy. When users access sensitive accounts on shared or public devices, closing a private session ensures that no residual credentials, history, or form data remain accessible to subsequent device users. This is particularly valuable in institutional settings — library computers, shared family devices, hotel terminals — where multiple users access the same hardware.
Incognito mode also provides a clean browser state for testing web applications, logging into multiple accounts simultaneously (since cookies are siloed from the standard session), and shopping without influencing personalisation algorithms.
2.3 Limitations
Incognito mode’s protections are strictly local. It does not encrypt network traffic, mask the user’s IP address, prevent tracking by websites or advertisers, or shield the user from monitoring by internet service providers or network administrators. Academic research has consistently demonstrated that most users overestimate the scope of private browsing protections, erroneously believing it prevents tracking by entities such as Google or social media platforms.
Furthermore, memory forensics research has demonstrated that even after a private session is closed, artefacts may persist in volatile memory and be recoverable through forensic analysis — a limitation no browser-level private mode can fully address.
3. Built-in VPN (Powered by Bright Data)
3.1 Feature Description
One of Maxthon’s most prominently marketed differentiators is its integrated VPN, provided through a partnership with Bright Data (formerly Luminati Networks). The VPN is available as a free optional feature and is accessible from within the browser interface, allowing users to activate it with a minimal number of clicks. Upon activation, the VPN routes browser traffic through encrypted tunnels via servers located across ten regions, including the USA, Canada, the UK, Australia, Germany, the Netherlands, France, Ireland, Spain, and Belgium.
The VPN promises to mask the user’s IP address, encrypt internet traffic, and enable access to geo-restricted content. Some integrations with the Bright VPN infrastructure also allow the browser to function as a remote browsing environment in which the user’s browsing activity is mirrored on a remote server rather than executed locally — providing an additional layer of isolation from local-device malware.
3.2 Practical Benefits
For casual users, the Maxthon VPN offers the standard benefits of VPN technology without requiring the installation of third-party software or payment of a subscription fee. These include basic IP masking, protection on unsecured public Wi-Fi networks, and access to regionally restricted content. The convenience of activation directly from the browser toolbar, combined with zero cost, reduces the barrier to basic privacy protection for non-technical users.
The server selection across multiple geographic regions provides flexibility for accessing location-specific services, such as banking platforms that may restrict access from foreign IP addresses.
3.3 Critical Limitations and Concerns
The Maxthon VPN carries several significant caveats that are essential for privacy-conscious users to understand.
Resource-sharing model. To use the free VPN, users must agree to occasionally share their computer’s free resources and IP address with Bright Data’s network. This is a peer-to-peer model in which a user’s device may serve as a VPN exit node for other users, raising privacy, legal, and liability concerns that are largely absent from subscription-based VPN services.
Absence of independent audits. Unlike premium VPN providers such as Proton VPN or NordVPN — both of which have undergone comprehensive independent security audits to verify their no-logs claims — Bright VPN has not been subject to equivalent third-party verification. The privacy policy has been independently assessed as containing ambiguous clauses that suggest data collection may occur, and the policy language lacks the specificity and commitments found in leading VPN services.
Performance limitations. Users frequently report inconsistent connection quality, unexpected disconnections, and limited capability to reliably unblock major streaming platforms. The server network is substantially smaller than those offered by leading providers such as NordVPN (5,500+ servers) or ExpressVPN (3,000+ servers), and the service lacks advanced features such as split tunnelling, multi-hop connections, or kill switches that are standard in premium offerings.
Comparative standing. Independent browser comparison analyses rate Maxthon’s VPN as suitable for users with minimal privacy needs and low performance expectations. For users with serious privacy requirements, analysts consistently recommend dedicated services such as NordVPN, ExpressVPN, Proton VPN, or Surfshark as substantially more robust alternatives.
4. Anti-Tracking Protection
4.1 Feature Description
Maxthon includes a built-in anti-tracking feature that operates by blocking online trackers — scripts and third-party technologies that monitor browsing activity across websites. The feature is toggle-enabled via the browser’s Settings > Features menu and maintains a list of blocked trackers that users can review. It is available free on both mobile and desktop versions.
4.2 Practical Benefits
Anti-tracking protection addresses a distinct and important threat vector: the cross-site behavioural profiling conducted by advertising networks, data brokers, and analytics platforms. By intercepting tracker scripts before they execute, Maxthon’s anti-tracking tool reduces the volume of data available to third-party profilers without requiring the user to understand the technical mechanisms involved.
This feature complements, rather than duplicates, incognito mode. While private browsing eliminates local data storage, anti-tracking actively prevents data from being transmitted to external parties during the session.
4.3 Limitations
Independent comparative evaluations characterise Maxthon’s anti-tracking as “basic” or “rudimentary” relative to the tracking protection offered by browsers specifically engineered for privacy. Firefox’s Enhanced Tracking Protection (ETP) and Brave’s native tracker-blocking engine are both rated more comprehensive in independent assessments. Maxthon does not implement strong fingerprinting resistance, a major tracking vector through which websites can identify users by their device characteristics (screen resolution, installed fonts, browser configuration) even when cookies and scripts are blocked.
5. Ad Blocking
5.1 Feature Description
Maxthon integrates a native ad blocker across both its mobile and desktop versions. On mobile, ad blocking is active by default; on desktop, it is available as an optional extension. The ad blocker filters advertising content from web pages, reducing page load times and visual clutter.
5.2 Practical Benefits
Beyond the user experience benefits of reduced advertisement exposure, Maxthon’s ad blocker provides a meaningful secondary security function. It serves as a defence against malvertising — the injection of malicious code through advertising networks — which is a well-documented attack vector that does not require user interaction beyond loading an infected page. By blocking third-party advertisements at the network level, the ad blocker eliminates an entire class of potential malware delivery mechanism.
5.3 Limitations
The desktop implementation’s optional extension model is less robust than mobile’s default-on approach. Users who do not actively enable the extension on desktop receive no ad blocking protection out of the box. Additionally, Maxthon’s ad blocker is not independently benchmarked against the performance of leading solutions such as uBlock Origin, which consistently outperforms browser-native blockers in third-party evaluations.
6. Do Not Track (DNT) and Global Privacy Control (GPC)
6.1 Feature Description
Maxthon supports the Do Not Track (DNT) HTTP header, which users can activate via the browser’s privacy settings. When enabled, the browser appends a signal to outgoing HTTP requests indicating that the user does not wish to be tracked. Maxthon’s documentation also references the Global Privacy Control (GPC) standard, introduced in 2020 as a more legally substantive successor to DNT.
6.2 Practical and Legal Context
Do Not Track was conceived as a voluntary mechanism through which users could opt out of behavioural advertising. However, it has been widely acknowledged — including by the W3C, which ultimately discontinued its formal standardisation effort — that DNT’s effectiveness is entirely dependent on website compliance, which has historically been near-universal in its absence. Most commercial websites and advertising networks do not honour DNT signals.
GPC represents a more consequential development. Unlike DNT, GPC has been recognised as a legally enforceable opt-out mechanism under the California Consumer Privacy Act (CCPA) and is philosophically aligned with GDPR principles, meaning that websites operating under these jurisdictions may be legally obligated to respect a GPC signal. For users in California or the European Economic Area, a browser that correctly implements GPC therefore provides a meaningful, law-backed privacy right that DNT never achieved.
6.3 Limitations
Maxthon’s documentation discusses both DNT and GPC primarily in the context of user guidance, without providing technical specifics on the implementation status of GPC. Users should verify the current implementation state of GPC in their version of the browser, as the legal enforceability of the signal is contingent on correct transmission.
7. Anti-Phishing Protection
7.1 Feature Description
Maxthon incorporates a real-time anti-phishing engine that cross-references visited URLs against continuously updated databases of known malicious domains. The system employs heuristic analysis to detect emerging threats not yet catalogued in blocklists. Users receive warnings before loading sites identified as suspicious, with the system operating proactively rather than reactively. The URL-matching mechanism uses both blacklisting of known phishing domains and behavioural heuristics.
7.2 Practical Benefits
Anti-phishing protection is one of the most practically valuable security features a browser can offer, given that phishing remains among the most financially damaging categories of cybercrime globally. For users engaged in online banking, e-commerce, or any sensitive credential exchange, an interstitial warning that flags a known phishing domain before the page loads can prevent a catastrophic data breach.
Maxthon’s real-time threat intelligence model, if maintained with current databases, provides protection against the most current documented phishing campaigns, rather than relying solely on blocklists that may lag behind rapidly evolving threats.
7.3 Limitations
The effectiveness of URL-based anti-phishing is bounded by the currency and comprehensiveness of the underlying threat database. Maxthon does not publish details about the threat intelligence providers it partners with or the update frequency of its database, making independent verification difficult. In independent 2025 testing, Microsoft Edge’s SmartScreen blocked significantly more phishing sites than Chrome, a result that underscores the performance variance among browser-level anti-phishing implementations.
8. Data Cleaning
8.1 Feature Description
Maxthon’s Data Cleaning feature enables users to automatically remove browsing data — including history, cache, cookies, download history, and site-specific data — either manually on demand or automatically upon closing the browser. The feature is accessible from Settings > Features > Data Cleaning and allows granular selection of which data types are purged.
8.2 Practical Benefits
Data Cleaning addresses a gap in incognito mode: standard browsing sessions accumulate persistent data that incognito does not protect. Users who primarily browse in normal mode but wish to periodically clear their footprint benefit from a scheduled or automatic cleaning function that does not require the discipline of manual, regular purging. The automatic-on-exit option effectively extends incognito-like data hygiene to all browsing sessions without requiring the user to operate in a specialised mode.
8.3 Limitations
Data Cleaning is a local-device operation. It does not remove data that has already been transmitted to external servers — by advertisers, analytics providers, or the browser’s own cloud synchronisation service. Users who have enabled Maxthon Cloud sync should be aware that bookmarks, passwords, and browsing preferences stored in the cloud are not affected by local data cleaning operations.
9. Encrypted Cloud Synchronisation (Maxthon Passport)
9.1 Feature Description
Maxthon offers cross-platform data synchronisation via its Maxthon Passport account system, allowing users to share bookmarks, passwords, settings, browsing history, and notes across all devices. The synchronisation protocol employs encryption for data in transit to prevent interception.
9.2 Privacy Considerations
Cloud sync introduces an inherent tension with privacy objectives: data that would otherwise remain on-device is transmitted to and stored on Maxthon’s servers. For users who value privacy, this means that the browser’s local privacy features are partially offset by the cloud model. Data stored on Maxthon’s servers is subject to the company’s privacy policy and, by extension, to Chinese legal jurisdiction. Under China’s Cybersecurity Law, domestic technology companies may be compelled to cooperate with law enforcement requests for data, a consideration with particular relevance for international users.
10. Broader Privacy Concerns: Documented Security Incidents
No review of Maxthon’s privacy features would be complete without addressing the documented history of security and data transmission concerns. These concerns are not merely speculative and have been raised by credible, independent cybersecurity researchers.
In 2016, researchers at Fidelis Cybersecurity and Poland-based Exatel documented that Maxthon regularly transmitted an encrypted file — ueipdata.zip — to a server in Beijing via HTTP. This file contained operating system information, CPU details, ad blocker status, homepage URL, websites visited by the user including search queries, and information about installed applications. Critically, the researchers found that data transmission continued even when users had explicitly opted out of the browser’s User Experience Improvement Program (UEIP), which Maxthon had described as voluntary and anonymous. The encryption key for the file was readily discoverable, exposing the data to potential man-in-the-middle interception.
In 2019, a separate vulnerability was discovered in Maxthon 5 that could grant attackers administrative rights on Windows machines and permit execution of malicious code at system startup — a privilege escalation vector that security researchers noted would be particularly difficult for security products to detect.
More recent reporting from 2024–2025 has documented ongoing concerns about connections to third-party tracking and advertising networks and the transmission of user data, including browsing history, IP addresses, and cookie data, to servers in China without adequate encryption or user disclosure.
Maxthon has acknowledged some of these concerns and has committed in various statements to improving data control and transparency. However, independent assessments consistently note that the company’s privacy policy contains vague or ambiguous clauses, and that Maxthon has not submitted its practices to the kind of independent third-party auditing that would enable definitive verification.
11. Comparative Privacy Assessment
The following table situates Maxthon’s privacy feature set relative to major browser competitors as of early 2026.
| Privacy Criterion | Chrome | Firefox | Brave | Maxthon |
|---|---|---|---|---|
| Built-in VPN | No | No | Yes (paid) | Yes (free, with caveats) |
| Built-in Ad Blocker | No | No | Yes (native) | Yes (built-in) |
| Anti-Tracking | Limited | Strong (ETP) | Very Strong | Basic |
| Fingerprinting Resistance | Limited | Moderate | Strong | Limited |
| Do Not Track / GPC | Yes | Yes | Yes | Yes |
| Third-Party Cookie Blocking | Partial | Yes | Yes | Partial |
| Independent Privacy Audit | N/A | N/A | Yes | No |
| Server Data Concerns | Yes (Google) | Minimal | Minimal | Yes (China) |
| Overall Privacy Rating | Poor | Good | Excellent | Fair (with caveats) |
Ratings based on independent assessments from TechRadar, comparative browser analysis, and academic research, 2025–2026.
12. Conclusion
Maxthon presents a compelling feature portfolio for users who prioritise the convenience of integrated privacy tools without the complexity of assembling a privacy stack from third-party extensions and applications. Its incognito mode, anti-phishing engine, ad blocker, anti-tracking, data cleaning function, and built-in VPN collectively address a broad range of common privacy risks and, taken at face value, represent a more comprehensive out-of-the-box privacy offering than mainstream competitors such as Chrome or Edge.
However, the critical weight of independent research, documented security incidents, and technical analysis substantially qualifies this assessment. The VPN’s resource-sharing model, absence of independent auditing, and known data-quality limitations undermine its utility for users with serious privacy requirements. The anti-tracking and fingerprinting protections are demonstrably weaker than those offered by Firefox or Brave. And the historical pattern of data transmission to Chinese servers — including transmission that continued after users opted out — raises systemic trust concerns that feature additions alone cannot resolve.
Maxthon is most appropriately characterised as a feature-rich browser that provides meaningful convenience-oriented privacy protections suitable for casual users. It is not recommended for users with elevated privacy requirements, users operating in sensitive professional or political contexts, or users for whom jurisdictional data sovereignty is a critical consideration.
For academically rigorous privacy protection, the literature consistently recommends Brave Browser as the strongest Chrome-compatible option, Firefox as the most privacy-transparent open-source alternative, and Tor Browser for the highest-assurance anonymity use-cases where performance constraints are acceptable.
References
- Fidelis Cybersecurity / Exatel (2016). Maxthon Browser Sends Sensitive Data to China. SecurityWeek.
- TechNode (2019). Chinese Browser Maxthon Grants Admin Rights to Malware: Researchers.
- TechRadar (2025). Maxthon Browser Review: Features, Usage, and Competition. Rating: 3.5/5.
- Maxthon Browser Comparison Report (2026). blog.maxthon.com.
- MakeUseOf (2023). Is the Maxthon Web Browser Safe to Use?
- TechBloat / UMA Technology (2025). Maxthon Browser Caught Sending Sensitive Personal Data to China.
- Maxthon Official Feature Pages: maxthon.com/en/feature/anti-tracking, /data-cleaning (2024).
- Maxthon Blog: How to Prevent Being Tracked Online (2024); Main Findings About Free VPNs in 2025 (2025).
- Englehardt, S. et al. (2018). I never signed up for this: Privacy implications of email tracking. USENIX.
- W3C Do Not Track Working Group. Final Recommendation Status (2019).