On Monday, Google announced that it had marked several apps created by a Chinese e-commerce giant as malware, alerting users who had them installed, and suspended the company’s official app.
In the last couple of weeks, multiple Chinese security researchers accused Pinduoduo, a rising e-commerce giant with nearly 800 million active users, of creating Android apps that contain malware designed to monitor users.
Ed Fernandez, a Google spokesman, said that “non-Play versions of this app that contained malware were applied through Google Play Protect,” referring to apps that are not on Google Play.
Indeed, Google has configured Google Play Protect, its Android security mechanism, to prevent users from installing these malicious apps and warn those who already have them installed, asking them to uninstall them.
Fernández added that Google has suspended the official Pinduoduo app on the Play Store “for security reasons while we continue our investigation.”
A security researcher, who asked to remain anonymous, alerted TechCrunch to the claims against the apps, saying they also analyzed the apps and found that the apps were exploiting multiple zero-days to hack their users.
Pinduoduo did not respond to a request for comment.
In a test, TechCrunch installed one of the suspected malicious applicationsthat a message from Google appeared alerting that the application is malicious.
It is important to note that Google Play is not available in China and, according to anonymous security researchers, the malicious apps were present in the custom app stores of phone makers Samsung, Huawei, Oppo, and Xiaomi.
None of these companies responded to a request for comment.
Do you have more information about crypto hacks or crypto mixing services? We would love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email [email protected] . You can also contact TechCrunch via SecureDrop.
