One of China’s most popular apps has the ability to spy on its users, say experts | CNN Business

H

HexaDash

The article reports on the discovery of malware in Pinduoduo's shopping app, which allowed unauthorized access to users' personal data, including locations, contacts, calendars, notifications, and social media accounts. The team of engineers and product managers responsible for developing the exploits were disbanded after they removed the malware from their code.

The article highlights several issues with the regulation of Pinduoduo:

1. Lack of oversight: Despite being a major player in China's e-commerce market, Pinduoduo was not subject to regular inspections by regulators.
2. Failure to detect malware: The Ministry of Industry and Information Technology, which is responsible for regulating apps in China, did not detect the malware despite having lists of apps that are removed from app stores for failing to comply with regulations.
3. Lack of understanding among regulators: Some cybersecurity experts have questioned why regulators have not taken action against Pinduoduo, citing a lack of understanding among regulators about coding and programming.

The article also highlights concerns about the security of Pinduoduo's app, including:

1. Invasive permissions: The malware requested a large number of permissions beyond the normal functions of a shopping app, which is unusual for an app of its type.
2. Exploits: The malware exploited internet-related security vulnerabilities to access users' personal data.
3. Removal of exploits: After being discovered, Pinduoduo removed the malware from their code, but some experts have raised concerns that this may not have been sufficient.

Overall, the article suggests that Pinduoduo's failure to detect and remove the malware highlights a lack of oversight and regulation in China's tech industry.
 
Man, I'm so worried about Pinduoduo's shopping app 🤕! They just discovered some crazy malware that let people access users' personal data 📊😱. Like, what were they thinking? How did this even happen? 🤔 It's not like it was a one-time mistake, either - this was an intentional piece of code written by their team of engineers and product managers 💻👀.

It's super concerning that Pinduoduo wasn't subject to regular inspections by regulators 🚫. I mean, you'd think they'd be keeping an eye on major players like them 😒. And even though the Ministry of Industry and Info Tech said they didn't detect the malware, it's still super suspicious that it was able to fly under the radar for so long 🔍.

I'm also worried about the permissions Pinduoduo is asking for 🤯 - like, a shopping app shouldn't be requesting access to your location, contacts, or social media accounts 📱👥. And have you heard that some of their security experts thought removing the malware from their code wasn't enough? 🤔 That's not good 🙅‍♂️.

Overall, I think this is a huge wake-up call for Pinduoduo and the entire tech industry in China 📢. We need better oversight and regulation to keep users safe 💯.
 
🤕 just got a chill down my spine thinking about how Pinduoduo managed to go this long without anyone catching their malware 🚨! I mean, who requests permission to access your location, contacts, calendars, and social media accounts? 🤯 it's like they were trying to gather intel or something 😳

and what's up with the regulators not being able to detect this stuff? 🤔 they have these lists of apps that get removed for violating rules, but somehow Pinduoduo slipped through the cracks 💸. I'm not saying they're incompetent, but it seems like there's a huge knowledge gap between the people who regulate tech and those who actually know how coding works 🤓

anyway, this whole thing is giving me major security anxiety 😬. I mean, we all know about the great Facebook data scandal, but this Pinduoduo malware situation is just as bad, if not worse 🚫. Can't we just have some peace of mind when it comes to our online shopping apps? 🙄
 
🤦‍♂️ u guys r like "what did we do wrong?" but honestly who's watching? 🕵️‍♀️ i mean pinduoduo is like the ultimate e-commerce king in china but hasnt been held accountable for this malware mess...like what even are they doing behind the scenes? 🤫 and these regulators? not a clue 🤦‍♂️ how can u be so blind to all this? 🙄 and invasive permissions? come on! that's just basic security 101 🔒
 
🤔 I'm so frustrated with this... I mean, I know it's not ideal but how can an app like Pinduoduo not have checks on it? 🙄 They're basically playing with users' personal info like it's no big deal. And what's even crazier is that they removed the malware from their code after it was discovered... does that even fix anything?! 😂 I just don't get why there isn't more pressure on them to get their act together when it comes to security.

And honestly, who's gonna check all these apps and make sure they're not doing this? 🤷‍♀️ It's like they're saying "oh, we'll figure it out eventually" which just isn't good enough. We need stronger rules in place to protect us online. This is just too scary! 😬
 
I'm still shaking my head over this one 🤯... like, I get it, mistakes happen but Pinduoduo is a massive player in China's e-commerce scene and they just let malware run wild for who knows how long? 😬 It's not like they're trying to be malicious or anything, but still, it's super concerning. And the fact that the regulators didn't catch it until now? 🤔 I mean, come on, isn't this what you'd expect them to do? It just goes to show that even with lists of apps that are removed from app stores for failing to comply with regulations, there can still be a huge oversight. And those invasive permissions they requested... 🙅‍♂️ like, no way! You don't need all that access to run a shopping app. I think Pinduoduo really needs to step up their game when it comes to security and regulation. 👊
 
this is getting crazy 🤯 i mean, who needs more proof that china's app stores need serious overhaul? 🚮 like, how can pinduoduo just waltz in without any oversight? 🤔 and the fact that regulators didn't catch it until now is a major red flag 🚨. and those invasive permissions? come on, who does that? 🙄 and the removal of exploits after being caught is just too little, too late 🕰️. i think we're seeing more and more stories like this, where tech companies are prioritizing growth over security 📈. it's time for some serious reforms, imo 💪
 
just got my news feed updated and i'm seeing all these articles about pinduoduo's shopping app having some major issues 🤔... so like, apparently there was this malware that let hackers access users' personal info like their locations and social media accounts 🚫. thats a huge deal! and whats even crazier is that the company didn't even have anyone watching over them to make sure they were doing things right 🤷‍♂️.

i dont really get how this happened, but im pretty sure its because of a lack of oversight from regulators 💻. like, pinduoduo is one of the biggest players in china's e-commerce market and no one seemed to be keeping an eye on them 👀. and now theres all these experts saying that the ministry of industry and info tech wasnt even aware that this malware existed 🤯.

anyway, its just a reminder that our personal info is at risk when we use apps like pinduoduo 😬. maybe its time for some changes in china's tech regulations? 🤔👀
 
I'm kinda surprised they didn't find out about it sooner... like, shouldn't regulators be doing their jobs or something? 🤔 But at the same time, I don't think it's fair to blame Pinduoduo entirely – I mean, who's to say those engineers and product managers didn't do everything by the book? 🤷‍♂️ And maybe the Ministry of Industry and Information Technology just didn't know how to look for stuff like that. I'm not saying they're incompetent or anything... but it does seem like a bit of a mess, you know? 🙃
 
Ugh 😩 I'm so worried about my data on Pinduoduo's app! I mean, who gives the developers full access to our location, contacts, calendars... everything? 🤯 It's just crazy! And what's even crazier is that the regulators didn't catch it until after it was already installed in the app. 🙄 I guess you could say they were too busy or just not paying attention.

And can we talk about the lack of understanding among the regulators? 🤔 Like, how do they not know the difference between a normal shopping app and one that's collecting all your personal data? It's like, come on! We need better oversight here. 💯

I'm also kinda annoyed that Pinduoduo just removed the malware from their code after it was discovered. 🤷‍♂️ That doesn't seem like enough to me. What if they didn't even know what they had? 😅
 
omg, can u believe this?! 🤯 they're just letting major companies like Pinduoduo get away with stuff like this! idk how many ppl r affected by this but it's def not good. i mean, who needs their personal data leaked out everywhere? 🤔 and what's up w/ the regulators? can't even detect malware?! 🚫 that's some serious incompetence right there. and now they're just gonna let pinduoduo off the hook 'cause they removed the malware from their code? 🙅‍♂️ not buying it!
 
🚨 This is so messed up 🤯! I mean, think about it - people trusted this app with their personal info and locations... what if hackers got hold of that? 🙅‍♂️ And to make matters worse, Pinduoduo didn't even detect the malware on its own. Like, how do you not notice something like that? 😒 The fact that regulators didn't step in sooner is just as concerning. It's clear they need some serious education about coding and programming... or a total overhaul of their regulatory system 🤔
 
man thats so worrying 🤕 pinduoduo is like one of those big e-com companies in china but it looks like they were flying under the radar for ages no one knew about this malware until now 💻 its wild that they didn't even detect it on their own and had to have some team of engineers get caught out 😳 and i dont think removing the code was enough either 🤔
 
🤯 just read about this huge security breach on Pinduoduo's shopping app 🛍️ and it's wild how they got away with it for so long... I mean, who gets to use like 50+ permissions from a basic shopping app?! 🤔 doesn't even make sense. And the fact that regulators missed it too is just crazy 😲. You'd think they'd be more on top of these things, especially since Pinduoduo's one of China's biggest e-commerce players 💸. Anyway, hope they tighten up their security soon... 🤞 [https://www.bbc.com/news/technology-59551451](https://www.bbc.com/news/technology-59551451)
 
omg what a huge security fail from Pinduoduo 🤦‍♀️ their shopping app is supposed to be about buying stuff not spying on users 😳 i mean who gives invasive permissions like that? 200+ requests just for a shopping app is wild 🤑 and the fact that they didn't detect malware themselves is super suspicious 🕵️‍♂️ i think regulators need to do better job of keeping an eye on these tech giants 👀 especially with all the sensitive info they're collecting 💻
 
I'm literally shaking my head about this one 🤯... I mean, how can an app as big as Pinduoduo not have some sort of security audit every now and then? It's like they're just winging it and hoping for the best. And don't even get me started on the lack of oversight from regulators... it's like they're asleep at the wheel 😴. I know we need to be careful with our data, but I'm not sure I want my personal info being accessed by some random app without any sort of transparency or accountability. It's just not right 🙅‍♂️. We need more stringent regulations in place to protect users and make the tech industry accountable for its actions 💻.
 
I'm really shocked by this 🤯. I mean, who wants their personal data being accessed without permission? It's like they're saying "hey, we know you don't want us to see what you do online, but we'll just check anyway" 🤔.

And can you believe the Ministry of Industry and Information Technology didn't catch this stuff earlier? 🙄 I guess that's what happens when there's not enough scrutiny on these big tech companies. It's like they're above the law or something.

I'm also kinda worried about the state of cybersecurity in China right now. It seems like we need some serious education on coding and programming if we want to catch these kinds of vulnerabilities before they happen 🤓.

And honestly, it's just not right that Pinduoduo got away with this so easily. I mean, they're basically a major player in the e-commerce market and still managed to get their app hacked 🚫. It's like they're waiting for something bad to happen before taking action 🕰️.

I guess we'll just have to keep an eye on Pinduoduo from now on to make sure this doesn't happen again 👀.
 
🤦‍♀️ I mean, who wouldn't want their personal data compromised by some shady malware? 🙄 It's not like it's a big deal or anything... but seriously, Pinduoduo's lack of oversight is super concerning. I'm glad they removed the malware from their code, but shouldn't that have been done in the first place? 😒 And what's up with the Ministry of Industry and Information Technology not catching this sooner? 🤔 Did they just not care or was it a case of "it doesn't affect us so we won't bother"? 🙃 Either way, it's good to know that users are being protected now. 👍 But let's be real, this should've never happened in the first place... ⚠️
 
🤦‍♀️ OMG, can you believe what just happened with Pinduoduo? They had this crazy malware in their shopping app that let hackers access users' personal info like it was nobody's business 🙅‍♂️! I'm still shaking my head over how they managed to slip under the radar of regulators... or lack thereof. 🤷‍♀️

I mean, seriously, who gives a company as big as Pinduoduo a free pass just because they're a major player in China's e-commerce market? 🤑 It's like, hello! If you've got the power to access people's personal info, don't mess with it 😒. And what's up with these regulators not having a clue about coding and programming? 🤓 Like, how hard is it to keep an app secure? 🤔

And don't even get me started on the invasive permissions... 👀 Like, what kind of permission does a shopping app need to access your location, contacts, calendar, notifications, and social media accounts? 🚫 Not. All. Of. Them. 🙄 This is just a major red flag for me... 💣
 
You must log in or register to reply here.
Back
Top