In a detailed investigation, CNN has revealed that Pinduoduo, a Chinese e-commerce giant with over 750 million monthly users, is suspected of conducting user surveillance.

Cybersecurity researchers have found that the shopping app can bypass users’ cell phone security to monitor activities on other apps, read private messages, and change settings.

Moreover, the app contains malware that exploits Android operating system vulnerabilities, allowing the company to spy on its users and competitors to increase sales.

After speaking with multiple cybersecurity teams and current and former Pinduoduo employees, the presence of malware on the app has been confirmed.

The malware is difficult to remove once installed, leading experts to claim that Pinduoduo has taken violations of privacy and data security to the next level.

While many apps collect user data without explicit consent, Pinduoduo’s actions are particularly egregious.

Mikko Hyppönen, the Chief Research Officer at the Finnish cybersecurity firm WithSecure, stated that “We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to.”

Experts believe that Pinduoduo’s alleged user surveillance may not only violate user privacy but may also harm competitors.

Google was quick to act on the serious risks involved with the Chinese shopping app, removing it from the Google Play Store few weeks ago.

Mentioning that the app had been suspended due to security concerns, the Google spokesperson said that “Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect.”

Replying to a query by Reuters, a Pinduoduo spokesperson responded in an email saying that “Google Play has informed us this morning that Pinduoduo App has been temporarily suspended as the current version is not compliant with Google’s Policy, but has not shared more details.”

While there is currently no evidence that Pinduoduo has provided data to the Chinese government, US lawmakers are concerned that the company, like all businesses under Beijing’s jurisdiction, could be compelled to cooperate with a range of security activities.