Google flags apps made by popular Chinese e-commerce giant as malware

Authored by techcrunch.com and submitted by poirot100

Google has flagged several apps made by a Chinese e-commerce giant as malware, alerting users who had them installed, and suspended the company’s official app.

In the last couple of weeks, multiple Chinese security researchers have accused Pinduoduo, a rising e-commerce giant that boasts almost 800 million active users, of making apps for Android that contain malware designed to monitor users.

Ed Fernandez, a Google spokesperson, said that “off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect,” referring to apps that are not on Google Play.

Effectively, Google has set Google Play Protect, its Android security mechanism, to block users from installing these malicious apps, and warn those who have them already installed, prompting them to uninstall the apps.

Fernandez added that Google has suspended Pinduoduo’s official app on the Play Store “for security concerns while we continue our investigation.”

Requesting anonymity, a security researcher alerted TechCrunch to the claims against the apps, and said their analysis also found that the apps were using several zero-day exploits to hack users.

Pinduoduo’s spokesperson Kong Ho told TechCrunch in an email that “we strongly reject the speculation and accusation by some anonymous researcher and non-conclusive response from Google that Pinduoduo app is malicious. There are several apps that have been suspended from Google Play at the same time and we find it peculiar that TechCrunch chose to single out Pinduoduo.”

As a test, TechCrunch installed one of the suspected apps, which prompted an alert that the app could be malicious.

It’s important to note that Google Play is not available in China, and according to the security researcher, the apps were present on the custom app stores of Samsung, Huawei, Oppo and Xiaomi.

None of these companies responded to requests for comment.

The story has been updated to include the comment from Pinduoduo’s spokesperson.

Do you have information about Pinduoduo and its apps? Or other malicious Android apps? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email [email protected]. You can also contact TechCrunch via SecureDrop.

statusquorespecter on March 27th, 2023 at 02:05 UTC »

I've recently noticed an explosion of Chinese apps on the app store. TikTok, CapCut, Temu, Shein etc. Temu was literally #1 when I last checked. I assume there's more coming as China begins to export its domestic tech ecosystem.

Considering the fact that it's taken the US government a year to even begin moving against TikTok (several years if you count Trump's attempt), playing a game of whack-a-mole against individual Chinese apps just won't work very well imo.

My prediction is that there'll soon be a sizeable faction in Congress calling for a blanket ban on all Chinese software, like a reverse Great Firewall of sorts.

DRac_XNA on March 26th, 2023 at 23:09 UTC »

Good.

poirot100 on March 26th, 2023 at 11:34 UTC »

SS:

Google has flagged several apps made by a Chinese e-commerce giant as malware, alerting users who had them installed, and suspended the company’s official app.

Requesting anonymity, a security researcher alerted TechCrunch of the claims against the apps, and said their analysis also found that the apps were exploiting several zero-day exploits to hack users.

This is an interesting development and a reminder to folks who lobby on behalf of TikTok of how dangerous apps like TikTok and Temu (PDD) are: literally soft tools by the Han nationalistic government to hack billions of devices. Allegedly, PinDuoDuo (PDD), a major Chinese e-commerce app, exploited a 0-day vulnerability to conceal its installation, increase installed capacity, counterfeitly boost DAU/MAU, disable uninstall, attack competitor apps, steal all of users' privacy data, and evade privacy compliance regulations.

Corresponding discussion on HackerNews alongside a link to the unwrapped APK. I'd be astounded if TikTok isn't using such tactics as well.

PDD is even listed on NYSE. According to TechCrunch: "Requesting anonymity, a security researcher alerted TechCrunch of the claims against the apps, and said their analysis also found that the apps were exploiting several zero-day exploits to hack users."