Pinduoduo users at risk: Google finds malware

Onur Demirkol
Mar 21, 2023

Google has detected malware in unsanctioned versions of the Chinese shopping app Pinduoduo and suspended the app from the Play Store.

Pinduoduo's unsanctioned versions reportedly included malware, and the company took down the app as a security precaution while further investigating the situation.

According to Yahoo, Shawn Chang, the founder of Hong Kong-based security firm HardenedVault, said that the code from previous versions of the app on GitHub shows malware present. "According to that publicly available information, PDD has used nday/0day exploits, targeting Android parcel serialization/deserialization to gain system privileges," he said.

Google scans every app on the Play Store for malware. "Google Play Protect enforcement has been set to block installation attempts of these identified malicious apps. Users that have malicious versions of the app downloaded to their devices are warned and prompted to uninstall the app," a Google spokesperson said.

Pinduoduo is a Chinese e-commerce platform that allows users to buy a wide variety of products at discounted prices through group buying. It is one of the biggest online retail platforms in the country. The platform combines social networking with online shopping, encouraging users to share deals with their friends and family for even better discounts.

On the other hand, Pinduoduo's subsidiary Temu is still available on the Play Store. The company hasn't made a follow-up announcement regarding the future of Temu.

The cyber war between Western countries and China continues, as Google recently took Pinduoduo down from the Play Store due to malware.

Tension continues to grow

The tension between Western countries and China is gradually increasing, with more news coming every day. The United States banned TikTok from government devices, and Canada, New Zealand, the United Kingdom, and the European Commission joined the country and issued similar bans. TikTok is taking hits not only from governments but also from private entities. Recently, Denmark's public service broadcaster banned the application from corporate devices, and the media giant BBC followed the same steps.

In addition, the United States has introduced a new cybersecurity strategy that assigns responsibility to tech companies. Joe Biden asked American tech companies to be more careful against cyberattacks and malicious activities. "The steps we take and choices we make today will determine the direction of our world for decades to come. This is particularly true as we develop and enforce rules and norms for conduct in cyberspace," Biden said. It looks like Google is taking standard precautions while listening to the White House.

