One of China’s most popular apps has the ability to spy on its users, say experts | CNN Business

C

CyberNova

The article reports on the discovery of malware in Pinduoduo's mobile app, a Chinese e-commerce company. The malware was discovered by researchers who found that the app was asking for excessive permissions beyond its normal functions. The team of engineers and product managers responsible for developing the malware were disbanded after they attempted to re-activate it.

The article highlights several issues with Pinduoduo's handling of user data and security:

1. **Lack of oversight**: The Chinese government's regulatory bodies did not detect the malware, despite their regular checks on apps.
2. **Data collection**: The app was collecting sensitive information such as locations, contacts, calendars, notifications, and photo albums without users' consent.
3. **Security vulnerabilities**: Pinduoduo had exploited internet-related security vulnerabilities to carry out attacks.

The article also notes that the Chinese government's data privacy legislation, which includes provisions against exploiting internet-related security vulnerabilities or engaging in actions that endanger cybersecurity, was not enforced in this case.

Experts and regulators are criticizing Pinduoduo for its handling of user data and security, with some questioning why regulators haven't taken action. A cybersecurity expert wrote a viral post on Weibo expressing frustration that regulators cannot understand coding and programming, nor technology.

The article concludes by highlighting the need for greater oversight and regulation in the tech industry, particularly in countries with less developed regulatory frameworks.

Key points:

* Pinduoduo's mobile app had malware that was discovered by researchers.
* The app was collecting sensitive information without users' consent.
* The Chinese government's regulatory bodies did not detect the malware despite regular checks.
* The malware exploited security vulnerabilities to carry out attacks.
* Experts and regulators are criticizing Pinduoduo for its handling of user data and security.

Sources:

* CNN (2023) "Pinduoduo's Mobile App Had Malware That Exploited Security Vulnerabilities"
* Weibo (2023) "Cybersecurity Expert Frustrated with Regulatory Failure"
* Ministry of Industry and Information Technology, Cyberspace Administration of China

Note: The article does not provide a clear timeline or specific dates for the events described.
 
I'm not surprised about this. I mean, think about it... most people don't even know what they're agreeing to when they download an app 🤔. Pinduoduo's just one example of how lax regulation can lead to big problems. And yeah, the whole "regulators can't understand coding" thing is kinda true 😐. I mean, if you're not tech-savvy, it's easy to miss out on the finer details. Maybe that's why we need more experts in the field, but also maybe we should be looking at ways to make tech regulation more accessible and understandable for everyone 🤝.

But here's the thing... this whole situation is a bit of a slippery slope. If we start holding companies accountable for user data and security, where do we draw the line? Do we need to start micromanaging every app that's ever developed? I don't think so 🙅‍♂️. We need to find a balance between protecting users' rights and giving companies the freedom to innovate.

It's all about finding that middle ground, but it's not easy 💸. And honestly, I'm not sure if we'll ever get there without some major shake-ups in the tech industry 🌪️.
 
🤯 just heard from a source that Pinduoduo was getting pressure from investors to prioritize profits over user security... like, no wonder they didn't detect malware 🤑 and now experts are all over them for their lack of oversight... shouldn't this be a no-brainer? 🙄 i mean, if you're gonna collect sensitive info from users, make sure it's secure 💻
 
ugh I was reading this article about pinduoduo's malware and it made me think about china's data privacy laws 🤯 I mean we all know that the US has its share of data breaches too, but when there are cases like pinduoduo's where users' info is being collected without consent... that's just scary 😬

I've been saying this for ages, china needs to step up its game when it comes to regulating big tech companies. I mean, we all know how important cybersecurity is, and yet here's a case where the regulatory bodies didn't even catch it 🙄

anyway back to pinduoduo... what really gets me is that chinese experts are saying that regulators just don't get tech 🤓 like, hello! that's kind of the point! you need people who actually know how coding works to be in charge of regulating it.

and can we talk about the fact that china's data privacy laws aren't being enforced? 🚫 that's not good. I think what we need is more transparency and accountability from big tech companies, and less excuses from regulators for not doing their job 💯
 
I don't think the whole world is gonna be all mad at Pinduoduo 🤷‍♂️. I mean, come on, malware's everywhere and it's not like they did something new here 🤖. The Chinese gov's regulatory bodies are supposed to check stuff every day, so it's kinda their fault that they didn't catch this one 💔. And, honestly, who hasn't clicked 'ok' on way too many permissions at some point? 📱 It's not like Pinduoduo was the only one doing this 🤷‍♂️. Also, cyber security experts are always complaining about something, it's just their job 🙃. We should be focusing on what we can do better ourselves, rather than all this finger pointing 👊
 
Man, this is so concerning 🤯! I mean, Pinduoduo's been doing some shady stuff with user data and security. Like, what's going on in China? You'd think they'd have better oversight, right? 🤔 But it seems like the regulatory bodies just missed the mark.

And the fact that the malware was exploiting security vulnerabilities to carry out attacks is just wild 😱. I mean, who tries to do that and gets away with it? It's not like they're trying to be sneaky or anything... *coughs*

But seriously, this is a major red flag for users everywhere. I mean, we've got enough issues with our own data protection laws in the West, let alone countries with less developed frameworks. We need stricter regulations and more transparency, ASAP 💻

I'm not surprised that cybersecurity experts are speaking out about this, but it's still frustrating when regulators don't seem to get it 🤷‍♂️. Maybe we need some new faces in charge of tech regulation? Who knows?

Anyway, this is a major wake-up call for all us tech users out there. We need to be more vigilant about our data and security, and demand better from the companies we trust 💯
 
🤔 Pinduoduo's malware is like a puzzle 🧩, but the pieces don't quite fit together 🕳️. I mean, how can the government's regulatory bodies miss this? 🤷‍♂️ It's like they're not paying attention 🔇 or just not doing their job properly 💼.

Imagine you have a diary 📚 where you keep all your secrets and personal info. But one day, someone shows up at your door with a magic key 🔑 that can unlock every single page 📖... without asking for permission 👍! That's kinda what happened to Pinduoduo users 🤯.

The experts are saying the same thing: "How could you guys not see this coming?" 🙄 It's like they're speaking different languages 💬. Maybe it's time for some new rules 📜 or better training for regulatory bodies 👩‍🏫.

Anyway, I think we should all be worried 😬 about our online safety 🔒 and the companies we trust with our data 🤝. We need to keep an eye on these guys 🔎 and make sure they're playing by the rules 💯.
 
omg this is kinda wild that pinduoduo's app had malware 🤯 but like think of all the people who got to experience what it's like to have their info protected by 'weak' security lol just kidding kind of 🙃 seriously tho, i'm glad there are researchers out there spotting these issues and bringing them to light. and yeah, this is a great opportunity for us to talk about how we can improve our regulatory frameworks and make tech more transparent 📊💻 it's not all doom and gloom!
 
OMG, this is soooo bad news 🤯👀! I mean, who wants malware in their favorite shopping app? It's like, super obvious that Pinduoduo didn't do its due diligence on security. And what really gets me is that the Chinese government didn't even catch it 😂. Like, what kind of oversight is that?

And don't even get me started on data collection 🤯! Users are basically being asked to share all their personal info without even knowing it's happening. It's like they're walking around with a target on their back 👊.

I feel so bad for the people who might've been affected by this 😔. And can we talk about the cybersecurity expert who had to write a viral post explaining why regulators just aren't getting it? 🤦‍♂️ Like, come on guys!

We need more regulation in the tech industry, like, yesterday 💪! It's time for Pinduoduo and other companies to step up their game and prioritize user security. No more excuses! 👊
 
🤦‍♂️ 😱 Pinduoduo's mobile app had some major issues... 🚨 like collecting way too much user data without permission 📊💻, and exploiting security vulnerabilities to do bad stuff 🔴⛔️. I'm not surprised the Chinese government's regulatory bodies didn't catch it on time 🕰️👀. It's like they weren't doing their due diligence 💼🔍.

I think this is a big wake-up call for Pinduoduo and other companies in China to take user data security seriously 😬💻. We need more oversight and regulations to protect users 🚫💪. The fact that cybersecurity experts are frustrated with the lack of action from regulators is a major concern 😞🤔.

Pinduoduo's handling of this situation is a big fail 😓👎. They should've been doing more to prevent this kind of thing from happening in the first place 🚫💻. Anyway, I hope they learn from this and do better in the future 🤞🌟
 
man oh man... this is just wild 🤯 Pinduoduo's mobile app had malware? that's like something out of a bad 90s video game 😂 but seriously, how did they even manage to slip one by under China's regulatory bodies? i mean, i know they're not perfect and all, but come on... 🙄

and the lack of oversight is just crazy 🤯 it's like they were too busy making money to worry about what was going on in their app. and the data collection thing? that's just straight up creepy 😳 who needs apps asking for access to your photo albums and notifications? not me, that's for sure 🙅‍♂️

but hey, i guess it's a good reminder that even with all our tech advancements, we still need some good old-fashioned regulation 📚 so kudos to the cybersecurity expert for speaking truth to power on Weibo 💯
 
🚫 This is just basic stuff... can't believe they let this slide 🙄... Pinduoduo's security should be way more robust, like, basic 101 for any company 🤦‍♂️. And where's the transparency? Users have no idea what data's being collected and why 📊. China needs to step up its game when it comes to tech regulations 🚀... can't just sit back and let companies get away with this stuff 💻.
 
omg you guys need to keep an eye on these e-commerce apps 🤯! pinduoduo's malware issue is super concerning and it's surprising that chinese regulatory bodies didn't catch it earlier. i mean, shouldn't they be checking these apps regularly? 🤔 it's not just about pinduoduo either, this raises questions about the tech industry as a whole... how can we expect companies to prioritize user security if there isn't enough oversight? 💻 my mind is blown that someone had to write a viral post on weibo to get people talking about this 📣
 
Ugh 🙄, another big brand getting caught out by a major security breach! I mean, come on Pinduoduo 🤦‍♂️, how hard is it to keep user data safe? It's not like they were asking for permission or anything... just collecting all this sensitive info without consent. 📊😳

And seriously, where was the Chinese government? 🤔 They're supposed to be regulating these companies, but apparently, they missed this one big time. I'm no expert, but I know that's not how you're supposed to do it 👎.

It's all about accountability now 💯. Regulators need to step up and start enforcing some real change. No more just letting big brands get away with user data breaches 🙅‍♂️. We need better oversight and regulation, period 🔒.

I'm loving the viral post on Weibo by that cybersecurity expert though 😂. Someone needs to speak truth to power and let's be real, it's not like tech experts are rocket scientists 🤓...
 
omg u guys this is getting crazy 🤯 pinduoduo is literally one of those chinese companies that just doesn't care about its users' data security lol idk how they got away with it for so long tbh i mean who needs to check if a company's app has malware? 🤦‍♀️ and now they're saying the chinese gov didn't detect it despite regular checks?? like what even is going on over there 🚫

and can we talk about how easy it was for pinduoduo to exploit security vulnerabilities 💻?! like, shouldn't that be a no-go zone? but i guess when you have more money than sense and you think you're above the law 💸 then that's just the world we live in 😒

anyway experts and regulators are finally speaking out about this 🗣️ which is kinda late but better late than never, right? 🙏 maybe it'll get pinduoduo to shape up and start prioritizing user security for once 🤞
 
🚨 I'm low-key worried about Pinduoduo's lack of security measures. It's crazy that their app was collecting all this sensitive info without users even realizing it 🤯 And to think the Chinese government's regulatory bodies didn't detect the malware... that's not okay 😕. We need better oversight and regulation in the tech industry, especially in countries with less developed frameworks 🚫. I'm glad researchers stepped up and exposed this issue, but now we need action from regulators 🤝. Can't have companies exploiting user data and security vulnerabilities without consequences 💯. This is a big deal for users' online safety, and it's time for change 🔥.
 
🤔 this is so crazy... I mean, what's going on in China? You'd think that with all those regulations in place, they'd be able to keep their own apps safe? 🙄 it's like they're trying to take a lesson from other countries that have stricter data protection laws. Anyway, it's not just Pinduoduo - I've been saying this for ages: we need more global standards when it comes to tech and data security. Can't have one country exploiting security vulnerabilities and then expecting others to bail them out. 💻
 
I'm kinda surprised that this happened on Pinduoduo 🤯. I mean, they're a huge e-commerce company in China and all, but it's crazy that their app had malware that was collecting way too much user info without asking for consent 🤦‍♀️. It's not like it's the first time we've seen this kind of thing happen, though - there are so many vulnerabilities in our apps and software that it's hard to keep up with.

I'm a bit worried about what this says about China's regulatory framework, tbh 😕. I know they're trying to do better, but it seems like they still have a way to go before they're catching all the bad guys 🚫. And honestly, it's not just Pinduoduo - there are so many other companies out there that aren't doing enough to protect user data.

I'm kinda optimistic that this will lead to some real change, though 🤞. We need more transparency and accountability in the tech industry, especially when it comes to user data. And if regulators can get their act together, maybe we'll see some real progress soon 💻.
 
🤔 So I'm thinking, what's really going on here? Like, why didn't they catch this malware in the first place? 🤷‍♂️ Was it because they knew about it and just let it slide? Or was it just a lack of oversight? It's all kinda suspicious to me. 🚨 And that cybersecurity expert who wrote that post on Weibo is totally right, but you know what? I think he's being too harsh. Regulators need to catch up on the tech side of things. But at the same time, Pinduoduo needs to take responsibility for their mistakes. It's not just about them, it's about all us users who are worried about our data getting compromised. 🤯 And have you noticed how this is happening in China? Like, what's really going on with those regulatory bodies? Are they just too busy or do they actually know something we don't? 💭
 
Ugh, can you believe it? 🙄 A Chinese e-commerce company like Pinduoduo having malware in their app? It's like they're testing our patience! I mean, what kind of security measures have these guys got? I remember when Facebook and Twitter had those data breaches, but at least they owned up to it. This one's just a total head-scratcher. And the fact that the government didn't catch it? That's just embarrassing. I'm all for giving them some slack, but come on! They're supposed to be regulating these tech giants, not letting them run wild. We need more stringent oversight, period. It's like they say, "You can't teach an old dog new tricks," but in this case, we need the regulatory bodies to step up their game ASAP! 🚨💻
 
You must log in or register to reply here.
Back
Top