In just a few months of existence, Ago has been installed on the smartphones of millions of users all over the world: the Chinese e-commerce site is slashing prices, so much so that Amazon, threatened, is seeking to copy the formula. But this dazzling success hides serious suspicions of espionage for the benefit of Beijing.
Read Temu is a hit in France, despite suspicions of espionage
The platform defends itself from any wrongdoing, but a complaint filed by the attorney general of the state of Arkansas restarts the machine of doubts. The application would sneakily access location information, camera, contacts, text messages, documents and more generally all application data on a smartphone, nothing less. Data which is then sold to third parties, always without the consent of the users.
Furthermore, the prosecutor fears that PDD Holdings, operator of Temu, is legally required to share the information of the platform’s customers with the Chinese government. A law requires companies to cooperate with Chinese authorities, regardless of the data protection laws in force in the United States or Europe.
The lawsuit is based in particular on a study by Grizzly Reports, which in fact takes up a good part of the discoveries of the specialist company WithSecure dating back to last year. It was a question of pointing the finger at the maneuvers of Pinduoduo, an e-commerce platform owned by PDD Holdings, and which allegedly served as a draft for Temu.
Security researchers have identified malware in the Pinduoduo app that exploits Android vulnerabilities to spy on users. The application would thus have access to information which is normally prohibited to it; it would also be able to hide itself to avoid uninstallation.
Pinduoduo has been removed from Google Play, but despite similar concerns for Temu, Apple and Google’s stores have yet to take action against the top-ranked app.
According to the complaint, the Temu app, once downloaded, would have the ability to modify its code. It would therefore be capable of “transforming” itself into malware after having passed through the security gates of the app stores… The attorney general is demanding an injunction to stop Temu from spying on its customers in this way, financial sanctions and the restitution of the profits made by the sale of data and misleading sales in the app.
A spokesperson for Temu told ArsTechnica the company’s surprise and disappointment after filing the complaint” without any independent fact-checking “. The platform believes that the accusations are based on “ misinformation circulating online ” and that they are ” totally unfounded».
If Temu intends to defend himself, vigorously ” against these attacks, the company nevertheless concedes that a ” meticulous examination » of his practices could be beneficial to him, given his “ innovative supply chain model » : « Some people may misunderstand us at first, and not want us “Since the end of May, Temu has been part of the club of large platforms that must comply with the rules of the European DSA.
To not miss any news from 01net, follow us on Google News and WhatsApp.
Source :
ArsTechnica
