Pinduoduo Malware Explained: Chinese App Spying on Users and Monitoring Activities

Chinese shopping app Pinduoduo might be posing a huge security threat to millions of its users. According to a new report by CNN, the app can bypass the security of a user’s mobile phone and monitor their activities, including reading messages and checking notifications from other apps.

Pinduoduo has over 750 million monthly users and sells everything from clothes to groceries. The report comes just a few weeks after Google took the app down from the Play Store, citing malware issues. A number of cybersecurity experts have now warned against using the app.

Pinduoduo Malware: The App Can Monitor Your Activities on Phone, Bypassing Security

While a number of apps collect user data, Pinduoduo is said to have taken security breaches to the next stage by spying on its users while they use other applications. Once installed, Pinduoduo is difficult to remove as it asks for access to more settings than required. The app reportedly ‘exploited vulnerabilities in Android operating systems,’ says CNN’s report.

Sources close to the company have revealed that the spying was done to boost sales based on the user’s personalized interests. Google removed the app from the Play Store in March owing to the malware issues found in off-Play versions.

“The Off-Play versions of the e-commerce app that have been found to contain malware have been enforced on via Google Play Protect,” a spokesperson for Google said at the time. It is not confirmed whether the app shared the user data with the Chinese government; however, it seems possible, considering China’s national security laws can force companies to reveal the data.

Experts Warn Against the Usage of Pinduoduo App

A number of cybersecurity researchers have expressed their concern over the security violation by the app. Mikko Hyppönen, chief research officer of the Finnish cybersecurity company WithSecure, said, “We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to.”

“This is highly unusual, and it is pretty damning for Pinduoduo. Our team has reverse engineered that code and we can confirm that it tries to escalate rights, tries to gain access to things normal apps wouldn’t be able to do on Android phones,” he added.

Tel Aviv-based cyber firm Check Point Research also conducted research and found malicious plugins on Pinduoduo. “Such a technique is widely used by malware developers that inject malicious code into applications that have legitimate functionality,” the company concluded.

Pinduoduo’s Sister App, Temu, is also Under the Scanner

Temu is a sister app of Pinduoduo, widely used in the US. While Pinduoduo has been taken off the app store by Google, Temu still remains available. However, with the report of the malware, the sister app has also come under the scanner, and its expansion plans might be hindered. Both apps are owned by PDD, a multinational company with roots in China.

Pinduoduo was founded in 2015 as a competitor to Alibaba and JD.com. It targeted users in low-income rural areas and started growing exponentially. The news of Pinduoduo’s security violations comes amid increased scrutiny of Chinese apps like TikTok, whose CEO, Shou Chew, was questioned by Congress last week.

About the author

Jack Reuben Fletcher
