Pinduoduo removed from Google Play Store after cyberattack

March 28, 2023

According to security researchers at Lookout, Pinduoduo has been involved in a complex malware attack through its application, enabling it to covertly commandeer millions of user devices, pilfer personal information, and deploy malicious software.

The Pinduoduo app’s harmful versions were discovered in unofficial app markets, which are commonly used by Chinese and international users who cannot access or find the official Google Play store. These malicious versions were not found on Google Play or the Apple App Store.

Lookout researchers discovered that at least two Android versions of Pinduoduo obtained from unofficial sources exploited CVE-2023-20963, a security flaw in Android that Google patched in recent updates made available to users two weeks ago.

The malicious code that the application used to conduct operations with elevated privileges then used those privileges to fetch code from a designated developer site and execute it within a privileged environment. The malware was discovered by researchers after being reported last month by a research service named Dark Navy.

The report noted that the app included a “bundle feng shui-Android parcel serialization and deserialization [exploit] that appears to be unknown in recent years”. Subsequently, other individuals have shared evidence of the malware, including a user who gave researchers code and instructions to locate the alleged exploit.

Upon investigation, Lookout researchers identified that the application featured a capability that enabled it to be installed secretly and prevented it from being uninstalled. Furthermore, it artificially inflated the number of daily and monthly active users on Pinduoduo, uninstalled rival applications, took users’ private data, and circumvented various privacy compliance rules.

PDD Holdings, Pinduoduo’s parent company, denied the claims, stating that it “strongly reject[s] the speculation and accusation that the Pinduoduo app is malicious from an anonymous researcher”. Lookout researchers disagree, and added that a more thorough review will likely find more exploits in the app.

The sources for this piece include an article in ArsTechnica.


Jim Love

Jim is an author and podcast host with over 40 years in technology.
