Pinduoduo users at risk: Google finds malware
Google has detected malware in the unsanctioned versions of the Chinese shopping app Pinduoduo and suspended it from Play Store.
Pinduoduo's unsanctioned versions reportedly included malware, and the company took down the app as a security precaution while further investigating the situation.
According to Yahoo, the founder of Hong Kong-based security firm HardenedVault, Shawn Chang, mentioned that the code from previous versions of the app on GitHub show malware present. "According to that publicly available information, PDD has used nday/0day exploits, targeting Android parcel serialization/deserialization to gain system privileges," he said.
Google scans every app on the Play Store for malware. "Google Play Protect enforcement has been set to block installation attempts of these identified malicious apps. Users that have malicious versions of the app downloaded to their devices are warned and prompted to uninstall the app," a Google spokesperson said.
Pinduoduo is a Chinese e-commerce platform that allows users to buy a wide variety of products at discounted prices through group buying. It is one of the biggest online retail platforms in the country. The platform combines social networking with online shopping, encouraging users to share deals with their friends and family for even better discounts.
On the other hand, Pinduoduo's subsidiary Temu is still available on the Play Store. The company hasn't made a follow-up announcement regarding the future of Temu.
Tension continues to grow
The tension between Western countries and China is gradually increasing, with more news coming every day. The United States banned TikTok from government devices, and Canada, New Zealand, the United Kingdom, and the European Commission joined the country and issued similar bans. TikTok is not only getting hits from governments but also private entities. Recently, Denmark's public service broadcaster banned the application from corporate devices, and the media giant BBC followed the same steps.
Besides, the United States has also introduced a new cybersecurity strategy that assigns responsibility to tech companies. Joe Biden asked American tech companies to be more careful against cyberattacks and malicious activities. "The steps we take and choices we make today will determine the direction of our world for decades to come. This is particularly true as we develop and enforce rules and norms for conduct in cyberspace," Biden had said. It looks like Google is taking standard precautions while listening to the White House.Advertisement