June 27th, 2024

Shopping app Temu is "dangerous malware," spying on your texts, lawsuit claims

Arkansas AG sues Temu app for alleged data theft and privacy breaches, accusing it of sharing sensitive user data with China. Temu denies claims and plans to defend against lawsuit. Relocation to Ireland noted.

A lawsuit filed by Arkansas Attorney General Tim Griffin alleges that the Chinese shopping app Temu is "dangerous malware" secretly monetizing unauthorized user data. Temu is accused of gaining unrestricted access to users' phones, including sensitive information like camera, location, contacts, and text messages. The app is believed to recompile itself to override privacy settings and potentially share data with the Chinese government. Griffin's complaint suggests that Temu entices users with promises of discounted goods while actually aiming to steal data for profit. The lawsuit seeks to stop Temu from spying on users and claims violations of consumer protection laws. Despite the allegations, Temu plans to vigorously defend itself against the lawsuit, denying the accusations and expressing openness to scrutiny for long-term development. The company's relocation to Ireland from China is seen as an attempt to distance itself from security concerns, although most operations remain in China. Concerns over Temu's security and privacy risks echo those faced by its parent app, Pinduoduo, which was previously suspended for similar issues.

1 comment
By @loaph - 5 months
From Arkansas Attorney General Tim Griffin who filed the lawsuit:

> Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.

Pretty scary/shocking if this is true.

Also from the lawsuit:

> App store security scans don't flag Temu's risks, the complaint alleged, because Temu can "change its own code once it has been downloaded to a user’s phone"—which means it's essentially able to transform into malware once it is past the security checkpoint.

I really want to know if the above is actually possible? I would assume this would break code signing.