One of China’s most popular apps has the ability to spy on its users, say experts | CNN Business

B

Better Bug

This article discusses a recent discovery of malware in the Pinduoduo shopping app, which is based in China. The malware was found to have exploited several security vulnerabilities, allowing it to access users' personal data, locations, contacts, and social network accounts without their consent.

The investigation into the malware was led by cybersecurity experts at Dark Navy, a Chinese cybersecurity firm. They discovered that Pinduoduo had created a team of engineers and product managers who were responsible for developing exploits that would allow the app to access sensitive user data.

However, despite raising suspicions about the app's security practices, the Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China (CAC) failed to take any action. The MIIT is responsible for regulating online content and protecting users' personal data, but it appears that they did not detect the malware or investigate the allegations.

The discovery of the malware has raised concerns about the effectiveness of China's regulatory oversight and the country's ability to protect its citizens' personal data. Tech policy experts have expressed surprise and disappointment at the lack of action taken by regulators, given the clear violation of China's data protection laws.

The article also notes that Pinduoduo has been able to grow its user base despite the regulatory clampdown on Big Tech in China, which began in late 2020. The company's ability to evade detection and regulation highlights the challenges faced by Chinese regulators in keeping pace with the rapidly evolving tech industry.

Overall, the discovery of malware in Pinduoduo's app highlights the need for greater transparency and accountability from tech companies, particularly those based in China. It also underscores the importance of effective regulatory oversight in protecting users' personal data and preventing exploitation of security vulnerabilities.

Key points:

* Pinduoduo shopping app was found to have exploited several security vulnerabilities
* The malware allowed access to users' personal data, locations, contacts, and social network accounts without consent
* Ministry of Industry and Information Technology (MIIT) and Cyberspace Administration of China (CAC) failed to detect or investigate the allegations
* Discovery highlights challenges faced by Chinese regulators in keeping pace with tech industry evolution
* Pinduoduo's ability to evade detection raises concerns about regulatory effectiveness.
 
I'm shocked that Pinduoduo was able to get away with this for so long 🤯. It just goes to show how much of a cat-and-mouse game cybersecurity experts are playing with malicious actors. I mean, it's one thing for a company like Pinduoduo to make mistakes, but when the regulators don't even bother to investigate, that's a whole different story.

It's not just about Pinduoduo, though - this is a larger issue of how Chinese regulators are struggling to keep up with the tech industry. I think part of the problem is that the country's data protection laws are pretty vague and open to interpretation, which makes it hard for them to crack down on companies like Pinduoduo.

But at the same time, it's also a reflection of how powerful Big Tech has become in China. The fact that Pinduoduo was able to grow its user base despite all these allegations raises some serious questions about whether Chinese regulators are truly doing their job or if they're just giving big companies a free pass.

I think what's needed here is more transparency and accountability from tech companies, especially those based in China. We need to know more about how our data is being used and who's behind it 🤔. It's not enough to just have laws on the books - we need real enforcement and consequences for companies that break them.
 
I'm so over this whole thing 🙄. The fact that Pinduoduo was able to get away with putting their users' sensitive info at risk just because the MIIT and CAC didn't do their job is super concerning 😒. I mean, come on! They're supposed to be regulating online content and protecting user data, not letting big companies like this one walk all over them 🚫. And now we're hearing that Pinduoduo was basically creating exploits just to get around those regulations... it's just disgusting 💔. It's no wonder people are starting to lose trust in the whole system. We need more transparency and accountability from these tech companies, for real 👀.
 
the fact that pinduoduo got away with this is super concerning 🚨👀 i mean, they're basically accessing ppl's personal info without consent and the miit & cac just sit there doing nothing about it? what's even more shady is that they've been able to keep growing their user base despite all these issues... it's like they're playing a game of cat & mouse with the regulators 🤔♂️
 
"An ounce of prevention is worth a pound of cure." 🤖💻 The lack of action taken by MIIT and CAC towards Pinduoduo's security issues is a classic example of this quote being put into practice. If just one step was taken to investigate the allegations, we might not be facing this situation now. But the fact that no action was taken raises questions about the effectiveness of China's regulatory oversight. 🤔
 
Ugh, this is just what I expected 🤦‍♂️. China's got a major problem with cybersecurity and they're still doing nothing about it. The fact that the MIIT and CAC couldn't even bother to investigate this is wild 😳. It's like they're just expecting us to be stupid and not think twice about our online data being compromised. I mean, come on, this is basic stuff. Anybody with half a brain can see how this app was vulnerable from the get-go 🤔. And now Pinduoduo gets to just keep growing its user base without any consequences? It's like they're playing some kind of sick game and everyone else is just a pawn 🎲. I'm not surprised, though. China's always been about convenience over security 💸. Just great, another way for them to collect all our personal data and sell it on the black market 📦.
 
Ugh, this is just great 🙄. A Chinese shopping app gets hacked and they don't even bother to do anything about it? It's like they're expecting the government to save them from themselves. And of course, the regulators are too slow on the draw, because that's what we expect from a country with a history of... let's just say "creative" data protection laws 🤷‍♂️.

And now Pinduoduo is just growing and growing, like a virus spreading through the tech world. It's not surprising, though - they're basically given a free pass to do whatever they want because no one's checking in on them. I mean, what's next? A whole army of Chinese hackers going around stealing data from other countries' apps without anyone even noticing? 🤯

It's all just so... predictable 😒. The tech industry is like a big game of cat and mouse, where the bad guys always seem to be one step ahead of the good guys. And we're stuck in the middle, waiting for someone - anyone! - to actually do something about it 💸.
 
man this is so bad 😩 pinduoduo gets away with literally hacking into users' data and no one does anything about it? 🤯 china's regulators are supposed to be protecting people but it seems like they're just sleeping on the job 😴 the fact that a company can just exploit security vulnerabilities and get away with it is super concerning 💸 i mean, what's next? other companies going to start doing this too? 🤔
 
🤔 The fact that a major Chinese app like Pinduoduo was able to get away with exploiting users' data without anyone noticing is super worrying 🚨. I mean, the MIIT and CAC should've been on top of it ASAP ⏱️. It's like they're just not doing their job properly or maybe they're too afraid to take action 😬. The fact that Pinduoduo was able to grow its user base despite all this raises some serious red flags 🚨. We need more transparency and accountability from these companies, especially when it comes to data protection 💻. It's not like they can just ignore the rules and get away with it 👀. The lack of action from regulators is a big deal 🤯 and we should be paying closer attention to how our personal info is being protected 🙏.
 
man, this is a total red flag for me 🚨. I mean, Pinduoduo gets caught with malware that can access users' sensitive info and the MIIT/CAC just lets it slide? That's not how regulation works, right? 😕 They're supposed to be the ones protecting us from these kinds of threats.

And it's even more concerning because this is happening in China where data protection laws are already pretty lax. It's like, how can we trust that they'll actually take action when something like this happens again? 🤔 I mean, I'm not saying Big Tech is always innocent, but come on... some oversight would've been nice 😊.

It's also interesting to see how Pinduoduo was able to grow its user base despite all these regulatory issues. That just goes to show that the tech industry is constantly evolving and it's hard for regulators to keep up. 🤯 But that doesn't mean we should give up trying to hold companies accountable.
 
I'm totally surprised that the MIIT and CAC are actually doing a decent job of regulating Pinduoduo's app, considering all the other Big Tech companies are getting slammed for their own security issues 🤷‍♂️. I mean, think about it, if they're failing to crack down on one Chinese company, that's not a bad thing for tech innovation and user freedom 😎. Plus, Pinduoduo's been able to grow its user base despite all the regulatory stuff going down in China - that's actually a good sign that the app is safe and trustworthy 💯.
 
Ugh, this is so weird 🤯! Can't believe a major shopping app like Pinduoduo can just get away with exploiting users' data without any consequences 😒. I mean, I know China's got some issues with online regulation, but this is just crazy 💥. It's like they're playing cat and mouse with cybersecurity experts and regulators alike 🐈. Anyway, hope the government takes action next time or it'll be super bad for users' trust 👀.
 
I'm super worried about this 🤕. I mean, who wants their personal info leaked all over the place? The fact that Pinduoduo's app was able to get away with exploiting security vulnerabilities is just mind-boggling. And to think that MIIT and CAC didn't take any action despite knowing about it... it's like they were just letting it slide 🤦‍♂️.

I'm not surprised though, tech companies are getting more and more sophisticated, and regulators are struggling to keep up. It's like trying to catch a speeding bullet 💨. But seriously, this is a huge red flag for China's regulatory oversight. If they can't even protect their own citizens' data, how do we trust them with anything else? 🤔

And let's not forget that Pinduoduo was able to grow its user base despite all these issues... it's like they were somehow gaming the system 😒. I just don't think this is a good look for China or its tech industry, you know? We need better transparency and accountability from our tech companies, and we need regulators who are actually doing their job 📊.

Overall, I think this discovery is a wake-up call for everyone involved. It's time to take data security seriously and make sure that these kinds of things don't happen again 💻.
 
I'm like totally freaked out by this news 🤯! So I was thinking, have you guys ever heard of Pinduoduo? It's like a shopping app in China, right? And now it turns out they had malware in their app that could access people's personal info without them even knowing 📊👀. That's so not cool.

I don't get how the government couldn't do anything about this. Like, I thought they were supposed to protect users or something? It seems like they just turned a blind eye and let Pinduoduo get away with it 😒. I mean, what's up with that?

And I'm curious, how did Pinduoduo even manage to avoid getting caught in the first place? Was it like they had some inside help or something? 🤔 That just doesn't sit right with me.

Anyway, I guess this is a good reminder to be careful when using shopping apps and stuff. We need more regulation on these companies to make sure we're protected 🙏. This whole thing just feels super suspicious to me... 😟
 
OMG, this is so worrying 🤯! I mean, who would've thought that a popular shopping app like Pinduoduo could be involved in something like this? It's like they're playing with fire by not following the rules and exploiting people's personal info for their own gain. The fact that the regulators in China didn't do anything about it is just mind-blowing 🤯.

I'm totally with tech policy experts on this one - we need more transparency and accountability from these companies, especially when it comes to user data protection. It's like they think they're above the law or something 😒. And can you imagine if this was a Western company doing this? The outrage would be immediate, but for Chinese companies... well, let's just say there are different standards 🙄.

The thing is, we all know how fast tech companies grow and evolve, so it's only natural that regulators are going to struggle to keep up. But still, someone needs to hold these companies accountable, and I'm not sure if it's happening right now 🤔. We need to do better than just "concerns" and "surprise" - we need action! 💪
 
🤔 I'm not surprised by this latest breach, tbh. I mean, we've been hearing about China's lax data protection laws for ages 🙄. It's like they're playing catch-up with the rest of the world on tech regulations. And Pinduoduo's got some serious skills at evading detection - it's crazy that they were able to get away with this for so long without anyone noticing 🔍.

But what really gets my goat is that MIIT and CAC didn't lift a finger 🙅‍♂️. I mean, come on, if they're supposed to be regulating online content and protecting user data, shouldn't they have done something? It's like they were either too scared or too clueless to take action 💸.

It's also interesting that Pinduoduo was able to grow its user base despite all this 📈. Maybe it's a sign that Chinese regulators need to be more proactive and adapt to the changing tech landscape 🔄.

Anyway, I'm just glad we're having this conversation about it 🤗. It's time for some real transparency and accountability from our favorite companies 👀
 
I'm so over this latest malware scandal on Pinduoduo 🚫💻. Like, come on! If the MIIT and CAC couldn't detect it, how are they even supposed to regulate online content? 😒 It's all just a bit too convenient for these companies that want to get ahead of the game without following the rules.

And don't even get me started on Pinduoduo's user base growth 📈. It's like, great job growing your user base, but at what cost? People's personal data is being sold off left and right, and no one seems to care. Where's the accountability? 💯

I mean, we all know Big Tech has been getting a bit too powerful in China lately 🤯. But this takes it to a whole new level. It's like they're just gaming the system and getting away with it. The regulatory clampdown may have slowed them down, but it looks like they've found ways to work around it anyway.

This whole thing is a total mess 🌪️. We need better oversight from our regulators, and we need it now. No more excuses, no more delays. It's time for these companies to be held accountable for their actions 💯.
 
🤔 I'm low-key shocked that Pinduoduo got away with this for so long. I mean, who needs consent when you can just dig through someone's phone data? 😒 It's like they thought they were above the law or something. And what's up with the MIIT and CAC not doing anything about it? Did they get paid off or something? 🤑 It's a pretty clear case of negligence on their part, if you ask me. The thing that really gets my goat is how Pinduoduo was able to grow its user base despite all this. It just goes to show that some companies don't care about keeping their users safe as long as they can keep making money 💸. We need better regulation and transparency in the tech industry, for real. 👊
 
I'm low-key worried about this Pinduoduo malware thingy 🤔. I mean, a legit security firm like Dark Navy discovers the app is harvesting users' data without consent and the authorities just sit on it? 🙄 That's not right. It's like they're giving Big Tech a free pass to play with people's personal info.

China's regulatory landscape is already super complicated, but this takes the cake. The fact that Pinduoduo was able to grow its user base despite all these issues is just wild 🤯. I guess it just goes to show how hard it is for regulators to keep up with tech companies' antics.

We need to see more transparency from companies like Pinduoduo, and the government needs to step up their game in terms of oversight. It's time for some serious accountability 😊.
 
OMG, I'm like so worried about my kids' online safety 🤯! The fact that a major shopping app in China can just sit on malware without anyone noticing is just crazy 😨. As a parent, it's hard enough trying to keep up with the latest online threats and scams, but this just shows how far behind regulators are in keeping pace with the tech industry 📉.

I mean, what's even more concerning is that Pinduoduo has been able to grow its user base despite all these issues? That's like, a red flag waving super loudly 🚨. It's clear that the company knows exactly how to get away with stuff without getting caught 🤥.

As a parent, I want my kids to be able to shop and play online safely and securely 💻. We need more transparency and accountability from tech companies, especially those in China. This is just not good enough 😒.
 
You must log in or register to reply here.
Back
Top