In a few months of existence, Ago has been installed on the smartphones of millions of users all over the world: the Chinese e-commerce site is slashing prices, so much so that Amazon, threatened, is seeking to copy the formula. But this dazzling success hides serious suspicions of espionage for the benefit of Beijing.
Temu Reading is a hit in France, despite suspicions of espionage
The platform denies any wrongdoing, but a complaint filed by the attorney general of the state of Arkansas has rekindled the doubts. The application is said to have secret access to location information, the camera, contacts, text messages, documents and, more generally, all the data from a smartphone’s applications, nothing less. Data that is then sold to third parties, always without the users’ consent.
The prosecutor also fears that Temu operator PDD Holdings is legally required to share the platform’s customer information with the Chinese government. A law requires companies to cooperate with Chinese authorities regardless of data protection laws in the United States or Europe.
The lawsuit is based in particular on a study by Grizzly Reports, which in fact takes up a good part of the discoveries of the specialist company WithSecure dating back to last year. It was a question of pointing the finger at the maneuvers of Pinduoduo, an e-commerce platform owned by PDD Holdings, and which allegedly served as a draft for Temu.
Security researchers have identified malware in the Pinduoduo app that exploits Android vulnerabilities to spy on users. This allows the app to access information it is normally not allowed to access and hide itself to avoid uninstallation.
Pinduoduo has been removed from Google Play, but despite similar concerns for Temu, Apple and Google’s stores have yet to take action against the top-ranked app.
According to the complaint, the Temu app, once downloaded, has the ability to modify its code. It would therefore be able to “transform” itself into malware after passing through the security gates of app stores… The attorney general is seeking an injunction to stop Temu from spying on its customers, financial penalties and the restitution of profits made by the sale of data and deceptive sales in the app.
A spokesperson for Temu told ArsTechnica the surprise and disappointment of the company after this filing of complaint “ without any independent fact-checking “. The platform believes that the accusations are based on “ misinformation circulating online » and that they are “ totally unfounded».
If Temu intends to defend himself, vigorously » against these attacks, the company nevertheless concedes that a “ meticulous examination » of his practices could be beneficial to him, given his “ innovative supply chain model » : « some may misunderstand us at first, and not want us “Since the end of May, Temu has been part of the club of large platforms that must comply with the rules of the European DSA.
To not miss any news from 01net, follow us on Google News and WhatsApp.
Source :
ArsTechnica
