The app deployed a method that allowed it to push updates without an app store review process meant to detect malicious applications, the researchers said. Pinduoduo has previously rejected “the speculation and accusation that Pinduoduo app is malicious.”ĬNN has contacted PDD multiple times over email and phone for comment, but has not received a response. The findings follow Google’s suspension of Pinduoduo from its Play Store in March, citing malware identified in versions of the app.Īn ensuing report from Bloomberg said a Russian cybersecurity firm had also identified potential malware in the app. But as Beijing enjoys significant leverage over businesses under its jurisdiction, there are concerns from US lawmakers that any company operating in China could be forced to co-operate with a broad range of security activities. There is no evidence that Pinduoduo has handed data to the Chinese government. While Temu has not been implicated, Pinduoduo’s alleged actions risk casting a shadow over its sister app’s global expansion. Both are owned by Nasdaq-listed PDD, a multinational company with roots in China. The revelations are also likely to draw more attention to Pinduoduo’s international sister app, Temu, which is topping US download charts and fast expanding in other Western markets. Some American lawmakers are pushing for a national ban on the popular short-video app, whose CEO Shou Chew was grilled by Congress for five hours last week about its relations with the Chinese government. Malware, short for malicious software, refers to any software developed to steal data or interfere with computer systems and mobile devices.Įvidence of sophisticated malware in the Pinduoduo app comes amid intense scrutiny of Chinese-developed apps such as TikTok over concerns about data security. “This is highly unusual, and it is pretty damning for Pinduoduo.” “We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to,” Finnish cybersecurity firm WithSecure chief research officer Mikko Hyppönen said. Credit: CFOTO/Future Publishing/Getty Images Cybersecurity experts have identified the presence of malware on Pinduoduo, China’s popular shopping app. Company insiders said the exploits were utilised to spy on users and competitors, allegedly to boost sales. Multiple experts identified the presence of malware on the Pinduoduo app that exploited vulnerabilities in Android operating systems. In a detailed investigation, CNN spoke to half a dozen cybersecurity teams from Asia, Europe and the United States - as well as multiple former and current Pinduoduo employees - after receiving a tip off. While many apps collect vast troves of user data, sometimes without explicit consent, experts say e-commerce giant Pinduoduo has taken violations of privacy and data security to the next level. The bottom line is you can never be certain if your Android device is infected or not, so the best way to stay safe is to install high-profile apps and avoid the questionable ones.Watch the latest News on Channel 7 or stream for free on 7plus > What's even worse is that malware developers find new ways to pass Google Play Store's security protections more often than ever before. ExpensiveWall is a very tricky malware that's hardly detectable by standard (read free) security solutions available in the Google Play Store. Well, there's really no way to stay protected as long as you don't pay attention to what permissions an app requests before being installed. Unfortunately, many Android users grant these permissions without thinking, which is probably one of the reasons it propagated so fast in the first place. If granted, the malware will start sending premium SMS messages and register users for other paid services that don't exist without the user's knowledge.Īlthough these permissions are pretty common for certain types of apps, there's absolutely no reason for a wallpaper app to request SMS permission or even internet access for that matter. Since ExpensiveWall is “packed” inside an Android app, it will ask the user for several common permissions, such as SMS and internet access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |