Chinese Shopping App Pinduoduo Found Spying on Users

Chinese Shopping App Pinduoduo Can Spy on Users

Published on: April 3, 2023
Last Updated: April 3, 2023

Chinese Shopping App Pinduoduo Can Spy on Users

Published on: April 3, 2023
Last Updated: April 3, 2023

In a detailed investigation, CNN has revealed that Pinduoduo, a Chinese e-commerce giant with over 750 million monthly users, is suspected of conducting user surveillance.

Cybersecurity researchers have found that the shopping app can bypass users’ cell phone security to monitor activities on other apps, read private messages, and change settings.

Moreover, the app contains malware that exploits Android operating system vulnerabilities, allowing the company to spy on its users and competitors to increase sales.

After speaking with multiple cybersecurity teams and current and former Pinduoduo employees, the presence of malware on the app has been confirmed.

The malware is difficult to remove once installed, leading experts to claim that Pinduoduo has taken violations of privacy and data security to the next level.

While many apps collect user data without explicit consent, Pinduoduo’s actions are particularly egregious.

Mikko Hyppönen, the Chief Research Officer at the Finnish cybersecurity firm WithSecure, stated that “We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to.”

Experts believe that Pinduoduo’s alleged user surveillance may not only violate user privacy but may also harm competitors.

Google was quick to act on the serious risks involved with the Chinese shopping app, removing it from the Google Play Store few weeks ago.

Mentioning that the app had been suspended due to security concerns, the Google spokesperson said that “Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect.”

Replying to a query by Reuters, a Pinduoduo spokesperson responded in an email saying that “Google Play has informed us this morning that Pinduoduo App has been temporarily suspended as the current version is not compliant with Google’s Policy, but has not shared more details.”

While there is currently no evidence that Pinduoduo has provided data to the Chinese government, US lawmakers are concerned that the company, like all businesses under Beijing’s jurisdiction, could be compelled to cooperate with a range of security activities.

Stay on top of the latest technology trends — delivered directly to your inbox, free!

Subscription Form Posts

Don't worry, we don't spam

Written by Husain Parvez

Husain has been around the internet ever since the dial-up days and loves writing about everything across the technosphere. He loves reviewing tech, writing about VPNs, and covering Cybersecurity news.