Subj : The Pinduoduo malware executed a dangerous zero-day against milli To : All From : TechnologyDaily Date : Tue Mar 28 2023 15:45:04 The Pinduoduo malware executed a dangerous zero-day against millions of Android devices Date: Tue, 28 Mar 2023 14:35:21 +0000 Description: Pinduoduo was pulled from the Play Store for allegedly stealing sensitive data and deploying backdoors. FULL STORY ====================================================================== A new report has claimed Pinduoduo, a major Chinese shopping app, took advantage of a zero-day vulnerability in the Android operating system to elevate its own privileges, steal personal data from infected endpoints, and install malicious apps. The allegations were confirmed by multiple sources, including cybersecurity experts Kaspersky, which analyzed previous versions of the app that were still distributed through a local app store in China, and concluded that it exploited a flaw to install backdoors. Some versions of the Pinduoduo app contained malicious code, which exploited known Android vulnerabilities to escalate privileges, download and execute additional malicious modules, some of which also gained access to users notifications and files, Igor Golovin, a Kaspersky security researcher, told Bloomberg. Pinduoduo security Google and Android are both not available in China, meaning the Play Store isnt available there, either. However, ArsTechica reports that the versions of Pinduoduo that can be found on both the Play Store and the Apple store are clean. Still, Google pulled it from its app repository last week , and urged its users to uninstall it if they have it. The announcement called the app harmful, Bloomberg reported, and told its users that their data and devices were at risk.PDD, the company behind the app, denied any wrongdoing and said the apps were clean. Read more > Over 50 Chinese apps banned in fresh crackdown by the Indian government > AliExpress among 43 more Chinese apps banned: How will it impact Indian small businesses? > Keep your business safe with the best endpoint protection for small business We strongly reject the speculation and accusation that the Pinduoduo app is malicious from an anonymous researcher, the company told ArsTechnica in an email. Google Play informed us on March 21 morning that Pinduoduo APP, among several other apps, was temporarily suspended as the current version is not compliant with Googles Policy, but has not shared more details. We are communicating with Google for more information. Lookouts first analysis is that at least two versions of the app exploited a flaw tracked as CVE-2023-20963, which was patched roughly two weeks ago. It is an escalation of privilege flaw which was being exploited before Google publicly disclosed its existence. According to Christoph Hebeisen of Lookout, this is a very sophisticated attack for an app-based malware. In recent years, exploits have not usually been seen in the context of mass-distributed apps. Given the extremely intrusive nature of such sophisticated app-based malware , this is an important threat mobile users need to protect against. Check out the best firewalls right now Via: Bloomberg ====================================================================== Link to news story: https://www.techradar.com/news/the-pinduoduo-malware-executed-a-dangerous-zero -day-against-millions-of-android-devices --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .