Google stops distributing a major e-commerce app over suspicion that it contains malware that monitors users



A Chinese security researcher has accused the leading e-commerce service Pinduoduo of including malware designed to spy on users in its official Android app. In response, Google has flagged the official Pinduoduo app as malware, stopped distributing it, and warned users who had already installed it.

Google flags apps made by popular Chinese e-commerce giant as malware | TechCrunch
https://techcrunch.com/2023/03/20/google-flags-apps-made-by-popular-chinese-e-commerce-giant-as-malware/



Pinduoduo is an e-commerce service that sells agricultural products procured from farmers via a smartphone app. Chinese consumers have become very conscious of food quality in recent years, and Pinduoduo is a big hit. Pinduoduo's annual revenue in 2018 was $1.9 billion (about 250 billion yen), but in 2022 it increased to $18.9 billion (about 2.5 trillion yen), showing rapid growth.

However, an anonymous security researcher posted an accusation on GitHub that there was a problem with Pinduoduo's Android app. According to the accusation, versions 6.49 and earlier of the official Pinduoduo app contained embedded code that read app usage records and app notifications on the user's smartphone by exploiting a privilege escalation vulnerability on various Android smartphones. According to a GitHub post, Pinduoduo has asked its lawyer to have the post removed.

GitHub - davinci1010/pinduoduo_backdoor: Analysis of privilege-escalation code inserted into the Pinduoduo APK and of dynamically delivered dex
https://github.com/davinci1010/pinduoduo_backdoor



GitHub - davinci1012/pinduoduo_backdoor_unpacker: Samples and Unpacker of malicious backdoors and exploits developed and used by Pinduoduo
https://github.com/davinci1012/pinduoduo_backdoor_unpacker



The security researcher who posted the accusation on GitHub told the IT news site TechCrunch, "We also found that the app exploits several zero-day exploits to hack users," and urged users to stop using it.

In response to this accusation, Google applied Google Play Protect, its comprehensive security service for Android, to prevent users from installing the official Pinduoduo app, and is issuing a warning that prompts users who have already installed it to uninstall it.

When TechCrunch actually installed the official Pinduoduo app from the Google Play store, it displayed "Blocked by Google Play Protect" as shown in the screen below.



A Google spokesperson confirmed that Google has stopped distributing the official Pinduoduo app, commenting, "While we continue to investigate the app, we are applying Google Play Protect to the Pinduoduo official app due to security concerns."

A spokesperson for PDD Holdings, which operates Pinduoduo, told TechCrunch that it strongly denied that the official app contained malware, saying, "Google's statement is inconclusive. I find it strange that TechCrunch is only pointing out Pinduoduo's apps; not just Pinduoduo's, but other companies' apps have also been banned."

Note that the Google Play Store is not available in China, where many of Pinduoduo's main users reside. According to security researchers, the official Pinduoduo app is available not only on the Google Play store but also on the Samsung, Huawei, Oppo, and Xiaomi app stores.

in Mobile, Software, Security, Posted by log1i_yk