Exclusive investigation from CNN: ‘I’ve never seen anything like this’ – A dangerous technology from China is threatening millions of people!

Tram Ho

Shocking discovery

According to CNN (USA), Pinduoduo is one of China’s most popular shopping apps, providing all kinds of clothing, necessities, etc. to more than 750 million users every day.

But recently, cybersecurity experts warned that Pinduoduo can bypass the protections on users’ mobile phones to track their activities in other applications, and even check notifications, read private messages, and change user settings.

Although many other applications today also collect large amounts of user data without explicit consent, experts say the “e-commerce giant” Pinduoduo has taken privacy and data security breaches to the next level.

During his detailed investigation, the CNN reporter spoke with groups of security experts from Asia, Europe and the United States, as well as many former and current Pinduoduo employees.

As a result, many experts have identified the presence of malware on the Pinduoduo application. Its purpose is to exploit vulnerabilities in the Android operating system.

Pinduoduo employees say that data mining is used by the company to track users and competitors, thereby boosting sales.

“We’ve never seen a mainstream app seek to escalate its privileges to gain access into things it shouldn’t be,” said Mikko Hyppönen, research director at WithSecure, a Finnish cybersecurity company. “This is very unusual, and it’s disastrous for Pinduoduo.”

Colin Huang, a former Google employee, founded Pinduoduo in 2015 in Shanghai. Photo: Getty

Previously, in March, Google decided to suspend the operation of Pinduoduo application on the Google Play store due to the presence of malware in some versions of this application.

According to a Bloomberg report, a Russian cybersecurity company has also identified that there is potential malware in the Pinduoduo app.

For its part, Pinduoduo refutes speculations and allegations that the company’s app is malicious.

CNN has repeatedly contacted PDD via email and phone to ask for comment on the incident, but has not received any response.

Pinduoduo’s ‘Secret Army’

According to an unnamed employee working at Pinduoduo, in 2010, the company formed a team of about 100 engineers and product managers to find vulnerabilities in Android phones and develop ways to exploit them.

The company initially only targeted users in rural areas and small towns, avoiding users in megacities like Beijing and Shanghai.

“The goal is to reduce the risk of being exposed,” this person said.

By collecting extensive data about users’ activity, Pinduoduo was able to build a comprehensive picture of their habits and preferences, and so refine its machine learning model to deliver multiple push notifications and personalized advertising, enticing users to open the app and place an order.

The source added that the group was disbanded in early March after suspicions about their activities came to light.

Pinduoduo’s target is users using the Android operating system. Photo: Getty

What did the experts find?

After being contacted by CNN, researchers from Tel Aviv-based network company Check Point Research (Israel), application security company Oversecured in Delaware (USA) and WithSecure (Finland) conducted independent analyses of version 6.49.0 of the Pinduoduo app, released on China’s app stores at the end of February.

Since Google Play is not available in China, Android users in the country have downloaded the app from local app stores. In March, when it suspended the Pinduoduo app, Google also said that it had found malware in the off-Play versions (not on the Google Play store) of the app.

Experts found code written to exploit many vulnerabilities in the operating system in order to gain a higher level of data access than necessary.

“Our team reverse-analyzed that code. We can confirm that it’s trying to gain access to things that normal apps can’t do on Android phones,” said Mikko Hyppönen, research director at WithSecure.

Mr. Hyppönen adds that the app can continue to run in the background and not be completely uninstalled. That allows it to increase its monthly active user rate. It is also capable of tracking competitors by monitoring user activity on other shopping apps and getting information from them.

According to experts, Pinduoduo has taken privacy and data security breaches to the next level. Photo: WSJ

Check Point Research also found ways the app can evade scrutiny. Specifically, it implemented a method that allows updates to be pushed without going through the app store review process, which exists to detect malicious apps. In addition, potentially malicious components are disguised with legitimate file names.

“This technique is widely used by malware developers to inject malicious code into applications with legitimate functions,” the analysts said.

Sergey Toshin, founder of Oversecured, said Pinduoduo’s malware specifically targets Android-based operating systems, including those being used by Samsung, Huawei, Xiaomi and Oppo.

Toshin called Pinduoduo “the most dangerous malware” ever found among mainstream apps.

“I’ve never seen anything like it before,” Toshin said, adding that Pinduoduo exploited about 50 vulnerabilities in the Android operating system.

This exploit allowed Pinduoduo to access the user’s location, contacts, calendar, notifications, and photo albums without their consent. It can even change system settings, access social media accounts and user chats.

Of the six research groups CNN contacted, three did not conduct in-depth testing. However, their preliminary reviews all showed that Pinduoduo requested a large number of permissions that exceeded the normal functions of a shopping app.

These include intrusive permissions such as “set wallpaper” and “download without notice”.

CNN has reached out to the Ministry of Industry and Information Technology and the Cyberspace Administration of China for comment, but has not yet received a response.

Source: Genk