One of China’s most popular apps has the ability to spy on its users, say experts | CNN Business

S

Silly Cheese

The article reports on the discovery of malware in Pinduoduo, a Chinese e-commerce platform. Here are some key points from the article:

**Malware Discovery**

* The malware was discovered by Dark Navy, a Chinese cybersecurity firm, in late February 2023.
* The report claimed that Pinduoduo's app contained malware that could spy on users' locations, contacts, calendars, notifications, and photo albums without their consent.

**Exploits and Permissions**

* The malware used exploits to access sensitive information from users' devices.
* The app requested a large number of permissions beyond the normal functions of a shopping app.
* Experts reported that the malware could be reactivated after Pinduoduo removed it from its app store.

**Regulatory Oversight Failure**

* The Chinese Ministry of Industry and Information Technology failed to detect the malware despite regular sweeps for apps violating user data regulations.
* The Cyberspace Administration of China did not take any action against Pinduoduo.

**Consequences for Pinduoduo**

* A core group of 20 cybersecurity engineers who specialize in finding vulnerabilities remained at Pinduoduo after the malware was removed.
* Most team members were transferred to work on Temu, a subsidiary of Pinduoduo.

**Expert Opinions**

* Kendra Schaefer, a tech policy expert, stated that regulators should have detected the malware and called it embarrassing for them.
* A cybersecurity expert with 1.8 million followers wrote on Weibo that regulators cannot understand coding and programming, making it difficult to detect malicious code.

**Censorship**

* The original post by the cybersecurity expert was censored the next day.

The article highlights concerns about regulatory oversight in China and the lack of awareness among regulators regarding cybersecurity issues. It also underscores the importance of effective monitoring and enforcement of data protection regulations.
 
I'm low-key shocked that a major Chinese e-commerce platform like Pinduoduo got caught with malware spying on users' info 🤯🚫. It's not just about them, though - it's a whole lot bigger than that. I mean, think about all the user data being collected and stored... it's a recipe for disaster! 👀

And what really gets me is that the regulators in China couldn't even detect the malware 🙄. Like, how can you expect people to trust their personal info with an app if you're not even keeping an eye on it? 😒 It's like, hello? Some basic quality control would've picked this up ages ago! 👀

I'm glad some cybersecurity experts are speaking out about this 👏... but honestly, who is surprising anyone when Pinduoduo's been shady before 🤑? The fact that they just transferred most of their team to another app and didn't take any major action speaks volumes. 🤷‍♂️
 
😬 I'm not surprised to hear that Pinduoduo, one of China's largest e-commerce platforms, was found to have malware on its app 🤖. The fact that a security firm discovered it in February 2023 raises some serious questions about the regulatory oversight in China 💡. It seems like the Ministry of Industry and Information Technology wasn't doing enough to monitor apps for user data violations 🙅‍♂️.

And what's really concerning is that these issues were known long before they went public 🤐. The fact that experts are saying regulators can't understand coding and programming just adds fuel to the fire 🔥. It's not about knowing all the technical details, but rather being vigilant enough to catch these kinds of problems in the first place 💻.

The censorship of one expert's post on Weibo is also telling 📰. If someone who has 1.8 million followers can't even express their concerns without being silenced, that's a problem too 😬. The fact that Pinduoduo was able to sweep this under the rug and not take any action against itself is just another indication of how the regulatory environment works in China 🤝.

This whole incident highlights the need for more transparency and accountability when it comes to data protection in China 💸. We need better monitoring, enforcement, and clear guidelines to prevent situations like this from happening again 👮‍♂️.
 
🚨 This is soooo concerning! I mean, who's supposed to be looking out for our info on these platforms anyway? 🤔 And now we find out that Pinduoduo had malware in their app with access to way too much personal info... it's like, basic security 101. 😒 I'm all for innovation and growth, but not at the expense of user safety! 🚫 How can you even get away with this stuff without getting caught? It just shows how lax China's regulatory system is when it comes to online protection. We need to see some real action taken here, like stricter laws and enforcement. 🚧
 
omg dont 4get dat pinduoduo had a team of 20 cyber engineers who kept finding malware lol what is goin on with those ppl? they cant even protect their own app let alone users info. censors them tho when one expert talks trash about the lack of oversight 🤦‍♂️ it just shows how serious this issue is. if its good enough for us to know, why not china regulators? gotta keep an eye on those cyber security firms too 👀
 
🤔 I'm worried about what this says about the state of tech regulation in China... 20 cybersecurity engineers just stayed on to work at Temu because they couldn't get out? 🙅‍♂️ It's like, where's the accountability for these regulators? They're supposed to be protecting users, not just sweeping under the rug. 🚮 And censorship? That's not exactly reassuring... when experts are getting their posts censored, it means someone is trying to silence them. 💬 It's a slippery slope, if you ask me.
 
🚨 I'm low-key shocked that Pinduoduo got away with this malware thing. Like, I get it, they're a huge company and all, but come on! 20+ cybersecurity engineers left because they couldn't fix the issue? That's crazy talk! 🤯 They should've had better controls in place from the start. And c'mon, China's got some of the best coding brains in the world, so it's not like it was a huge oversight or anything... yet. 😅 The fact that they just censored the expert who spoke out against them is super sketchy too. It's like, "Hey, we can't let you talk about this because it might get us into trouble"... 🙄
 
Wow 🤯, I'm so worried about my online safety when I hear about this 😬! The fact that Pinduoduo's app was secretly collecting users' personal info is just crazy 🤪... like, how could they not have seen it coming? 🙄 It's crazy that the regulators didn't catch the malware either 💔. This is exactly what happens when you don't prioritize cybersecurity and data protection 🔒. I hope more people are held accountable for this 😡.
 
This is getting crazy 😳 I mean, who needs a shopping app that can just spy on you 24/7? 🤖 Pinduoduo's got some serious 'splainin' to do here... I'm not saying the regulators didn't do their job, but come on, a cybersecurity firm finds malware and they're like "oh no, our fault" 😴. It's all about accountability and making sure these companies are held to high standards of security. 20 cybersecurity engineers staying on at Pinduoduo after the malware was removed? That just smells like a cover-up 🤥. Temu, Pinduoduo's new subsidiary, needs to be under extra scrutiny too - can we trust them with our data? 🤔
 
🤔 This is so concerning, Pinduoduo's security just fails me... how do they not see what's going on with their own app? 🙄 20 experts still working there after that malware? Like what's the point of those "regular sweeps" if you can't even catch a basic thing like this. 🚫 I'm all for companies being innovative, but not at the cost of user data. It makes me question the whole regulatory system in China, is it really designed to protect users or just a front for big corporations? 🤝
 
omg can u believe this??? 🤯 i mean pinduoduo is literally one of the most popular shopping apps in china and they have malware on their app?? that's just crazy! like how did they even let it slip through the cracks? and now these cybersecurity engineers are still working there after they removed the malware? what's going on with those people? 🤷‍♀️ it's like they're not taking things seriously enough. and to make matters worse, the regulators in china can't even detect this stuff? that's just embarrassing for them 🙄 i mean, come on, you'd think that after all these years of warnings about cyber threats, they'd be better prepared by now. but nope, it seems like they're still playing catch-up. ugh, just thinking about it is giving me anxiety 😩
 
This is so worrisome 🤯! I mean, can you even imagine having your personal info just flying around in the wild like that? It's crazy how Pinduoduo managed to sneak this malware by the regulators 🙄. And what's really messed up is that experts are saying these people didn't understand coding and programming... it's just not an excuse 🤦‍♀️! We need better oversight, for sure 👮‍♂️. This whole situation just highlights how vulnerable we are online - I mean, I thought China had some serious cybersecurity measures in place 💻. Guess you never know what's lurking beneath the surface 😳. Pinduoduo needs to step up their game and show us they're taking these issues seriously 💪!
 
Ugh, this is super concerning 🤯... I mean, how did Pinduoduo's app get away with this for so long? 🙄 The fact that they have a core group of 20 engineers who specialize in finding vulnerabilities just stay at the company after the malware was removed is red flagged 🚨. And the Chinese regulators are supposed to be monitoring these things, but it seems like they're not doing their job 🤔.

I'm also annoyed that the cybersecurity expert's original post got censored 🤖... shouldn't they be allowed to speak freely about such important issues? 😒 The lack of accountability from Pinduoduo and regulators is frustrating me, and I hope something gets done about it soon 💯.
 
I'm freaking out over this! 🤯 I mean, Pinduoduo is like a major online shopping platform in China and they can't even keep their own app malware-free? 😂 This is so not acceptable! The fact that the Chinese regulators failed to detect it and now some super-skilled engineers are still stuck at the company because of it? 🤯 It's like, come on! You've got to stay vigilant when it comes to online security. I mean, Kendra Schaefer said it all - regulators should have picked up on this a long time ago! 👀 And now there's even censorship happening? 🚫 Like what? Don't want us to talk about this anymore? 💁‍♀️ Seriously though, this is a huge deal and we need to keep pushing for better cybersecurity measures in China. 💪
 
omg, this is so worrying 🤯 i remember when my cousin's sister used to shop on Pinduoduo all the time, she never thought that her info would be compromised like that 😱. it's crazy how these hackers can sneak in malware without anyone noticing 👀. i think it's clear that regulatory oversight needs to step up their game ⚠️. it's not just about detecting malware, but also understanding the implications of data protection 🤔. and censorship? what even is that? 🙅‍♂️ it's like, if someone speaks out against something, they get silenced 💔. anyway, i hope Pinduoduo gets its act together and fixes these issues ASAP 💪.
 
omg 😱 just read about this malware discovery on Pinduoduo 🤖 and i'm literally shaking my head... like, how did a chinese company like that not even have a basic security audit in place? 🙄 and what's with the whole "regulatory oversight failure" vibe 🤦‍♀️ - it's just so... convenient 🙃 for them to sweep it under the rug (or rather, under their app store) and let those 20 engineers just waltz outta there 🚪👋 meanwhile i'm over here trying to keep my own devices secure 🔒💻
 
You must log in or register to reply here.
Back
Top