Google Suspends Pinduoduo App Over Malware Concerns
Google has suspended the Pinduoduo app due to malware found in its versions. The suspension affects off-Play versions of the app, and the app remains available via other mobile app stores in China. Pinduoduo and its parent company PDD Holdings have not responded to requests for comment.
A technical analysis found a 'backdoor' in Pinduoduo's source code until recently. The malicious app was found to exploit a zero-day vulnerability in Android, patched by Google two weeks prior to the discovery. The malware exploited multiple security vulnerabilities in Android-based smartphones. A Chinese security firm DarkNavy published a blog post suggesting a major Chinese e-commerce company's app used a three-exploit chain to read user data and make its app nearly impossible to remove. A cybercrime community forum post linked the malicious code to Pinduoduo.
Google's Project Zero warned about active attacks on Samsung mobile phones in 2022. The suspension of Pinduoduo app highlights the ongoing threat of malware targeting Android users. Users are advised to be cautious when downloading apps from third-party sources.
Read also:
- Singapore Warns of China-Linked APT Group Targeting Critical Infrastructure
- West Virginia Governor's Revived Board Sparks Legal Concerns Amidst US Clean Energy Push
- Trump and Xi speak over the phone, according to China's confirmation.
- Unlawful MMO gold peddler cultivates around half a million dollars in income, triggering a tax dispute, followed by developers unveiling strategies to clamp down on real-world transactions
