Google is flagging apps created by the popular Chinese e-commerce giant as malware

    On Monday, Google announced that it had flagged several apps from a Chinese e-commerce giant as malware, warned users who installed them, and suspended the company’s official app.

    In the last few weeks, multiple Chinese security researchers accused Pinduoduo, an emerging e-commerce giant with nearly 800 million active users, creates apps for Android that contain malware designed to monitor users.

    Ed Fernandez, a Google spokesperson, said that “off-play versions of this app found to contain malware have been enforced through Google Play Protect,” referring to apps that aren’t on Google Play.

    In fact, Google has set up Google Play Protect, the Android security mechanism, to prevent users from installing these malicious apps, and to warn those who have already installed them and ask them to remove them.

    Fernandez added that Google has suspended Pinduoduo’s official app from the Play Store “due to security issues as we continue our investigation.”

    A security researcher, who wished to remain anonymous, alerted about the claims against the apps and said they also analyzed the apps, finding that the apps exploited several zero-days to hack their users.

    Pinduoduo did not respond to a request for comment. was installed in a test one of the suspected malicious appswhich issued a message from Google warning that the app is malicious.

    It is important to note that Google Play is not available in China, and according to the anonymous security researchers, the malicious apps were present in the custom app stores of the phone manufacturers Samsung, Huawei, Oppo and Xiaomi.

    None of these companies responded to a request for comment.

    Do you have more information about crypto hacks or crypto mixing services? We’d love to hear from you. From a non-work device, you can securely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email [email protected]. You can also contact via SecureDrop.

    Recent Articles


    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox