9-11GaveMe5G t1_jdwq1k2 wrote on March 27, 2023 at 7:20 PM

> Last Monday, TechCrunch reported that Pinduoduo was pulled from Play after Google discovered a malicious version of the app available elsewhere

Google got in front of one for once. I knew they could do it!

thawingSumTendies OP t1_jdwq7pw wrote on March 27, 2023 at 7:21 PM

Hopefully that’s good omen.

The sooner malicious apps are taken down, the better it is for all Android users.

SwallowYourDreams t1_jdxp5ly wrote on March 27, 2023 at 11:16 PM

And yet, they needed (what appear to be) two whistleblowers and a security to point them to this. None of this was discovered by Google themselves - others tipped them off.

Ok-Gate6899 t1_jdwsnx9 wrote on March 27, 2023 at 7:36 PM

it remind me when facebook tried to buy phone exploits too to built it in their app, i don't remember from who - wasn't from cellebrite?

Edit, it was from NSO

SwallowYourDreams t1_jdxpufb wrote on March 27, 2023 at 11:21 PM

What. The. Actual. Fuck?! I seem to have completely missed this. How come there was not more of an outcry about this? That's horrific! Thanks for sharing, mate!

nicuramar t1_jdzv5dw wrote on March 28, 2023 at 12:25 PM

Probably because

It's a claim.
The devil is in the detail. They were probably not shopping for an exploit, but for other monitoring software. The article indicates as much.

The "phone exploits too to built it in their app" from parent is not really supported in the article.

nicuramar t1_jdzvap2 wrote on March 28, 2023 at 12:26 PM

I don't think the article supports your "phone exploits too to built it in their app" claim, though.

[deleted] t1_je18dyg wrote on March 28, 2023 at 6:00 PM

[deleted]

mr-poopy-butthole-_ t1_jdx6ad7 wrote on March 27, 2023 at 9:03 PM

The blanket denial sums it up for me

nicuramar t1_jdzut8l wrote on March 28, 2023 at 12:22 PM

Does it? So what if they didn't actually put the exploit in, what would you have them do then? The article states that the origin and nature are as of yet unknown.

mr-poopy-butthole-_ t1_jdzuybq wrote on March 28, 2023 at 12:23 PM

Um I dunno, maybe explain in detail how it couldn't have been them, maybe?

nicuramar t1_jdzvns1 wrote on March 28, 2023 at 12:30 PM

But it could be them, so that’s not really possible. You wouldn’t believe any explanation anyway. But it could also not be them.

qunow t1_je3v9u8 wrote on March 29, 2023 at 5:43 AM

If it is not them then they should have said it is likely from malicious third party

[deleted] t1_jdzuuoy wrote on March 28, 2023 at 12:22 PM

[removed]

Android app from China executed 0-day exploit on millions of devices

Comments