This article reports on the discovery of a team at Pinduoduo, a Chinese e-commerce company, that was developing malware for the company's app. The team, composed of engineers and product managers, had been working on exploiting vulnerabilities in the app to gain access to users' personal data and other sensitive information.
The discovery was made by cybersecurity experts who analyzed the app and found that it was requesting a large number of permissions beyond what was normal for a shopping app. An investigation by CNN revealed that the team behind the malware had been disbanded, but some members were still working at Pinduoduo in roles unrelated to malware development.
Tech policy experts say that the discovery is embarrassing for the Chinese government's regulatory agencies, which are responsible for overseeing companies like Pinduoduo and enforcing data protection laws. The Ministry of Industry and Information Technology has not commented on the matter, but some cybersecurity experts have criticized regulators for failing to detect the malware.
The article also notes that Pinduoduo has been able to grow its user base despite a regulatory clampdown on Big Tech in China, which began in late 2020. The company's apparent failure to comply with data protection regulations is seen as another example of the challenges faced by regulators in keeping pace with the rapidly evolving technology landscape.
Overall, the article highlights the importance of cybersecurity and data protection in the digital economy, particularly in countries like China where regulatory oversight can be limited.
The discovery was made by cybersecurity experts who analyzed the app and found that it was requesting a large number of permissions beyond what was normal for a shopping app. An investigation by CNN revealed that the team behind the malware had been disbanded, but some members were still working at Pinduoduo in roles unrelated to malware development.
Tech policy experts say that the discovery is embarrassing for the Chinese government's regulatory agencies, which are responsible for overseeing companies like Pinduoduo and enforcing data protection laws. The Ministry of Industry and Information Technology has not commented on the matter, but some cybersecurity experts have criticized regulators for failing to detect the malware.
The article also notes that Pinduoduo has been able to grow its user base despite a regulatory clampdown on Big Tech in China, which began in late 2020. The company's apparent failure to comply with data protection regulations is seen as another example of the challenges faced by regulators in keeping pace with the rapidly evolving technology landscape.
Overall, the article highlights the importance of cybersecurity and data protection in the digital economy, particularly in countries like China where regulatory oversight can be limited.
... anyway, back to Pinduoduo - yeah, it's crazy how they managed to evade the regulators for so long 
. I mean, what's even more wild is that their growth didn't seem to be affected by this whole thing... like, how are they pulling off this cyber-malware stuff on the side? 
Don't get me wrong, data protection is super important and all, but can't we just have a good old-fashioned "no malware" rule? 
. Guess that's what happens when you're too slow to keep up with the cyber world 
. Anyone think they'll get their mojo back after this? 
. You'd think they'd at least use a consistent font throughout their code 
. Anyway, I don't know how the regulatory agencies are going to catch all these tech companies in the act 
. And can we talk about the lack of whitespace in the article? It's like they just threw a bunch of paragraphs together without thinking about layout or flow 
.
. It just goes to show how hard it is to keep up with the latest tech trends and ensure proper data protection. I mean, who doesn't love a good shopping app? 
Pinduoduo gotta step up their game on security lol they think they can just exploit users' info without anyone noticing? 
and its not just pinduoduo, every1 gotta be on the lookout for these types of threats. i remember my grandma getting scammed on ebay when she was still learning to shop online lol anyway, this whole thing is like a wake-up call 4 all of us 2 get our tech acts together 
. It just means they need to stay on top of things and adapt faster to new tech threats. And hey, at least Pinduoduo's taking responsibility for their mistakes and trying to make it right 
.
. After all, we've all made mistakes in the past, even if we don't always admit 'em 
pinduoduo's been growing so fast, must be great for them having a team of 'malware devs' working under the radar... sounds like a real model for data protection 
anyway, it's just another example of how China's regulatory landscape is still trying to catch up with the rest of the world. it's not like they're alone in this though, plenty of other countries have similar issues 
just thinking about this is giving me a chill... like how hard is it to write secure code? 
and i'm curious, what kinda regulations would need to be put in place to prevent this kind of thing from happening again? 
! who would've thought that one of the biggest e-commerce companies in china was involved in something as shady as malware? i mean, it's just another reminder how important it is to have strong cybersecurity measures in place 
. and to think that some people were still working at pinduoduo after the team behind the malware was disbanded... like, what even is the point of having regulations if they're not being enforced? 
anyway, i'm just glad that cybersecurity experts are on top of this stuff and keeping us safe online 
. btw, it's so impressive how pinduoduo has been able to grow its user base despite all the regulatory issues... maybe they should take some lessons from companies like facebook and google on how to prioritize data protection? 
... like we didn't see this coming from Pinduoduo 
? 
... it's about time we get some real info on how these companies are getting away with all this 
. I mean, China's regulatory agencies are supposed to be on top of things, but apparently they dropped the ball 
I mean come on, a major Chinese e-commerce company is found to be secretly developing malware? It's not just embarrassing for Pinduoduo, it's also super concerning for user safety and data protection. 
I think this says something about the need for more transparency and accountability from these companies, not just in terms of data protection but also in terms of their overall business practices.
The fact that some members of the team were still working there in different roles is just gross. It's like, how can you trust a company if you know they've been involved in something as shady as malware development?
We need more journalists like them who aren't afraid to dig deep and hold companies accountable for their actions.
I mean, think about all those people whose personal info was compromised... it's crazy to me that Pinduoduo wasn't taking this stuff seriously enough. Like, if you're a company, shouldn't you be protecting your users' data? 
is crazy. and the fact that some people who worked on it are still working there in other roles is wild 
like, how did they get away with it? 
but we gotta give props to the cybersecurity experts who caught this stuff 
they're heroes in my book 
it's no wonder the chinese gov is keeping quiet about this, gotta keep up appearances