Thursday, November 21, 2024
HomeCHINA'S SPYING IMPRISONMENTS AND OTHER CRIMINAL ACTINGArkansas Sues Temu, Alleges Chinese Shopping App Is Malware

Arkansas Sues Temu, Alleges Chinese Shopping App Is Malware

Share

Arkansas Attorney General Tim Griffin filed a lawsuit against the e-commerce app Temu on Tuesday, accusing it of violating state laws against deceptive trade practices.

“Temu claims to be an online shopping platform, but it is dangerous malware that surreptitiously grants itself access to virtually all data on a user’s cell phone,” Griffin alleges.

Temu, the top free shopping app on the Apple App Store and Google Play Store, is owned by PDD Holdings, which also operates the popular app Pinduoduo. PDD was based in China until it moved its headquarters to Ireland last year. The lawsuit outlines allegations against Temu, beginning with concerns about Pinduoduo, which researchers believed could spy on users. The Google Play Store even suspended Pinduoduo in 2023 due to security issues with “Off-Play versions of the app,” according to CNN.

The Arkansas lawsuit claims that Temu, heavily marketed in the US, was modeled after Pinduoduo.

“Temu’s activities came to light following the removal of the Pinduoduo app from Google’s Play Store for containing malware that exploited vulnerabilities in users’ phone operating systems. This malware allowed the app to gain undetected access to virtually all data stored on the phones, recompile itself, and potentially change its properties to avoid detection,” the lawsuit asserts, citing concerns from Apple about Temu’s compliance with data security standards. Apple confirmed to Politico last year that the app remained on its store after resolving these concerns.

The lawsuit alleges that Temu’s app might be even more dangerous than Pinduoduo’s. It references a report from Grizzly Research, which states that the Temu app can hack users’ phones and override data privacy settings.

The Attorney General claims that Temu collects excessive data, including sensitive or personally identifiable information. For instance, the suit alleges that Temu misleads users by requesting access to information, such as location data, when uploading a photo. However, this permission extends to any time the user engages with the app. The lawsuit also claims that Temu “sneaks” permissions to access audio and visual recordings and storage on devices.

Most Popular