According to cybersecurity researchers, Pinduoduo, a popular Chinese shopping app with more than 750 million users per month, has the capability to spy on its users. The app can bypass users’ cell phone security to monitor activities on other apps, read private messages, check notifications, and change settings.
Spoke to multiple cybersecurity teams from around the world and former and current Pinduoduo employees, who confirmed the presence of malware on the Pinduoduo app. They revealed that the app exploits vulnerabilities in Android operating systems and allegedly spies on users and competitors to increase sales. Experts have said that Pinduoduo’s violations of privacy and data security are of a different level to other apps. The article highlights how Pinduoduo has taken a different approach to collect user data, which allowed it to create a comprehensive portrait of users’ habits, interests, and preferences.
Pinduoduo has been suspended from Google’s Play Store since March, citing malware identified in versions of the app. A Russian cybersecurity firm also identified potential malware in the app. Pinduoduo has previously denied allegations of its app being malicious.
The rise of Pinduoduo was not an easy feat, as it had to compete with other e-commerce stalwarts, such as Alibaba and JD.com. Pinduoduo was founded in 2015 by Colin Huang, a former Google employee, and it succeeded by offering steep discounts on friends-and-family group buying orders and focusing on lower-income rural areas.
The allegations against Pinduoduo have come at a time of intense scrutiny of Chinese-developed apps such as TikTok, with concerns about data security. This could impact Pinduoduo’s international sister app, Temu, which is rapidly expanding in Western markets. There is no evidence that Pinduoduo has handed data to the Chinese government. However, as Beijing has significant leverage over businesses under its jurisdiction, concerns have been raised that any company operating in China could be forced to cooperate with a broad range of security activities.
The article emphasizes that Pinduoduo has taken privacy violations to another level and highlights how it’s alleged spying on users and competitors could impact its sister app’s global expansion. Pinduoduo has been accused of exploiting vulnerabilities in Android operating systems, allowing it to monitor activities on other apps, read private messages, check notifications, and change settings. Although Pinduoduo has denied the allegations, cybersecurity experts have confirmed the presence of malware on the app. The article also notes that American lawmakers are pushing for a national ban on the popular short-video app, TikTok, due to data security concerns.