Skip to main content

Google flags apps made by popular Chinese e-commerce giant as malware

On Monday, Google announced that it had flagged several apps made by a Chinese e-commerce giant as malware, alerting users who had them installed, and suspended the company’s official app.

In the last couple of weeks, multiple Chinese security researchers accused Pinduoduo, a rising e-commerce giant that boasts almost 800 million active users, of making apps for Android that contain malware designed to monitor users.

Ed Fernandez, a Google spokesperson, said that “off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect,” referring to apps that are not on Google Play.

Effectively, Google has set Google Play Protect, its Android security mechanism, to block users from installing these malicious apps, and warn those who have them already installed, prompting them to uninstall the apps.

Fernandez added that Google has suspended Pinduoduo’s official app on the Play Store “for security concerns while we continue our investigation.”

A security researcher, who asked to be anonymous, alerted TechCrunch of the claims against the apps and said they analyzed the apps as well, finding that the apps were exploiting several zero-days to hack their users.

Pinduoduo did not respond to a request for comment.

In a test, TechCrunch installed one of the suspected malicious apps, which popped up a message by Google alerting that the app is malicious.

It’s important to note that Google Play is not available in China, and according to the anonymous security researchers, the malicious apps were present on the custom app stores of the phone manufacturers Samsung, Huawei, Oppo and Xiaomi.

None of these companies responded to a request for comment.

Do you have more information about crypto hacks or crypto mixing services? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.

Google flags apps made by popular Chinese e-commerce giant as malware by Lorenzo Franceschi-Bicchierai originally published on TechCrunch



source https://techcrunch.com/2023/03/20/google-flags-apps-made-by-popular-chinese-e-commerce-giant-as-malware/

Comments

Post a Comment

Popular posts from this blog

Max Q: Psyche(d)

In this issue: SpaceX launches NASA asteroid mission, news from Relativity Space and more. © 2023 TechCrunch. All rights reserved. For personal use only. from TechCrunch https://ift.tt/h6Kjrde via IFTTT
Post a Comment
Read more

Max Q: Anomalous

Hello and welcome back to Max Q! Last week wasn’t the most successful for spaceflight missions. We’ll get into that a bit more below. In this issue: First up, a botched launch from Virgin Orbit… …followed by one from ABL Space Systems News from Rocket Lab, World View and more Virgin Orbit’s botched launch highlights shaky financial future After Virgin Orbit’s launch failure last Monday, during which the mission experienced an  “anomaly” that prevented the rocket from reaching orbit, I went back over the company’s financials — and things aren’t looking good. For Virgin Orbit, this year has likely been completely turned on its head. The company was aiming for three launches this year, but everything will remain grounded until the cause of the anomaly has been identified and resolved. It’s unclear how long that will take, but likely at least three months. Add this delay to Virgin’s dwindling cash reserves and you have a foundation that’s suddenly much shakier than before. ...
Post a Comment
Read more

What’s Stripe’s deal?

Welcome to  The Interchange ! If you received this in your inbox, thank you for signing up and your vote of confidence. If you’re reading this as a post on our site, sign up  here  so you can receive it directly in the future. Every week, I’ll take a look at the hottest fintech news of the previous week. This will include everything from funding rounds to trends to an analysis of a particular space to hot takes on a particular company or phenomenon. There’s a lot of fintech news out there and it’s my job to stay on top of it — and make sense of it — so you can stay in the know. —  Mary Ann Stripe eyes exit, reportedly tried raising at a lower valuation The big news in fintech this week revolved around payments giant Stripe . On January 26, my Equity Podcast co-host and overall amazingly talented reporter Natasha Mascarenhas and I teamed up to write about how Stripe had set a 12-month deadline for itself to go public, either through a direct listing or by pursuin...
Post a Comment
Read more