The article discusses the discovery of malware in Pinduoduo, a Chinese e-commerce company, which was found to be exploiting vulnerabilities in its app. The malware allowed the company to access users' personal data, including locations, contacts, and social media accounts, without their consent.
The investigation into the malware was led by two cybersecurity experts, René Mayrhofer of the Johannes Kepler University Linz in Austria and Sergey Toshin of Oversecured, who found that the app had been using a technique called "code obfuscation" to hide its malicious code from regulators. The company subsequently removed the exploits from the app and disbanded a team of engineers and product managers who had developed them.
The article also notes that Pinduoduo's apparent malware would be a violation of China's data privacy laws, which were introduced in 2021. The Ministry of Industry and Information Technology, which regulates cybersecurity in China, has regularly published lists of apps found to have undermined user privacy or other rights, but Pinduoduo did not appear on any of these lists.
The article suggests that the lack of action from regulators is due to a lack of understanding among regulators about coding and programming. A cybersecurity expert with 1.8 million followers wrote on Weibo that "probably none of our regulators can understand coding and programming, nor do they understand technology."
Overall, the article highlights the importance of cybersecurity and data privacy in China's e-commerce industry, particularly given the country's growing regulatory clampdown on Big Tech companies.
Key points:
* Pinduoduo's app was found to be exploiting vulnerabilities that allowed it to access users' personal data without their consent.
* The company removed the exploits from the app and disbanded a team of engineers and product managers who had developed them.
* China's data privacy laws, which were introduced in 2021, would prohibit Pinduoduo's apparent malware.
* Regulators in China have been slow to take action against apps that undermine user privacy or other rights, citing a lack of understanding about coding and programming.
Sources:
* Reuters: "China's Pinduoduo removes 'malware' after outcry"
* Weibo: "Probably none of our regulators can understand coding and programming, nor do they understand technology."
* CNN: "Pinduoduo's malware exposed as 'code obfuscation' technique used to hide malicious code from regulators"
Note: The article appears to be a news piece, and the tone is neutral. However, some of the language used by the cybersecurity expert on Weibo is critical of the regulatory environment in China, which may be seen as biased or sensationalist.
The investigation into the malware was led by two cybersecurity experts, René Mayrhofer of the Johannes Kepler University Linz in Austria and Sergey Toshin of Oversecured, who found that the app had been using a technique called "code obfuscation" to hide its malicious code from regulators. The company subsequently removed the exploits from the app and disbanded a team of engineers and product managers who had developed them.
The article also notes that Pinduoduo's apparent malware would be a violation of China's data privacy laws, which were introduced in 2021. The Ministry of Industry and Information Technology, which regulates cybersecurity in China, has regularly published lists of apps found to have undermined user privacy or other rights, but Pinduoduo did not appear on any of these lists.
The article suggests that the lack of action from regulators is due to a lack of understanding among regulators about coding and programming. A cybersecurity expert with 1.8 million followers wrote on Weibo that "probably none of our regulators can understand coding and programming, nor do they understand technology."
Overall, the article highlights the importance of cybersecurity and data privacy in China's e-commerce industry, particularly given the country's growing regulatory clampdown on Big Tech companies.
Key points:
* Pinduoduo's app was found to be exploiting vulnerabilities that allowed it to access users' personal data without their consent.
* The company removed the exploits from the app and disbanded a team of engineers and product managers who had developed them.
* China's data privacy laws, which were introduced in 2021, would prohibit Pinduoduo's apparent malware.
* Regulators in China have been slow to take action against apps that undermine user privacy or other rights, citing a lack of understanding about coding and programming.
Sources:
* Reuters: "China's Pinduoduo removes 'malware' after outcry"
* Weibo: "Probably none of our regulators can understand coding and programming, nor do they understand technology."
* CNN: "Pinduoduo's malware exposed as 'code obfuscation' technique used to hide malicious code from regulators"
Note: The article appears to be a news piece, and the tone is neutral. However, some of the language used by the cybersecurity expert on Weibo is critical of the regulatory environment in China, which may be seen as biased or sensationalist.
. I mean, Pinduoduo's got some 'splainin' to do about how they managed to sneak malware onto their app and get away with it for so long. It's not exactly rocket science, but apparently regulators in China need a crash course on coding basics too 
. I mean, we're living in a world where Big Tech companies can basically do whatever they want and the regulators just turn a blind eye 
. It's not exactly confidence-inspiring when you see companies like Pinduoduo getting away with stuff that would be a scandal if any other company did it 
.
. Even if regulators are clueless about coding, it's still on us to keep an eye out for suspicious activity and demand more from these companies 
.
and yeah it's not great that pinduoduo got away with it for a while but at least they listened to the criticism and took down the malware 
. I mean, come on, they're literally stealing people's personal data without even asking! It's like they think nobody's watching 
. And what really gets me is that the regulators in China are all like "oh no, we don't understand coding and programming" 
It just goes to show that even with laws on the books, there are always going to be companies looking to exploit loopholes or skip over rules altogether 
. Can't trust anyone these days 
.
. The fact that their malware utilized code obfuscation to evade detection is a clear indication of the sophistication and complexity of modern cybersecurity threats 
. The lack of urgency from regulators, as suggested by the cybersecurity expert's statement, highlights a pressing need for greater awareness and understanding among those responsible for enforcing China's data privacy laws 
. A more concerted effort to educate regulators about coding and programming would likely lead to more swift action against rogue apps like Pinduoduo 
IT JUST GOES TO SHOW THAT EVEN BIG COMPANY LIKE PINDUODUO CAN GET CAUGHT UP IN THE GAME! 
AND THE WORST PART IS, REGULATORS IN CHINA SEEM TO BE LACKING UNDERSTANDING ABOUT HOW CODE WORKS, WHICH IS JUST A BUNCH OF TECHNOLOGY SLOBBERING ALL OVER THE PLACE!!! 
BUT SERIOUSLY, THIS IS A BIG DEAL FOR CYBERSECURITY FANS LIKE ME, BECAUSE WE KNOW HOW IMPORTANT PROTECTING USER DATA REALLY IS! 
. It's not like it's rocket science or anything... and it's definitely not a good look for China's data privacy laws if they can't even get that right 
that's not good enough, we need action now!
), but this is just unacceptable. I hope they get taken down a peg and some real changes are made to their security protocols ASAP! 