
#AxisOfEasy 291: Chinese Budget Shopping App, Pinduoduo, Temporarily Suspended On Google Play Store Over Malware Concerns

March 28, 2023 Mark E. Jeftovic

Weekly Axis Of Easy #291


Last Week’s Quote: “Mankind, it seems, makes a poorer performance of government than of almost any other human activity,” was by historian Barbara Tuchman. No one got it!

This Week’s Quote: “Those who are capable of tyranny are capable of perjury to sustain it.” By ???

THE RULES:  No searching up the answer, must be posted at the bottom of this post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing for the week of March 27th, 2023. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

For more commentary and insight into last week’s top issues, tune in to Joey Tweets and Len the Legend for the AxisOfEasy podcast edition.

In this issue:
  • Chinese Budget Shopping App, Pinduoduo, Temporarily Suspended on Google Play Store Over Malware Concerns
  • Meta’s former trust and safety manager among the targets of Predator hack
  • SpaceX RaptorV2 Documents Leaked in Latest LockBit Ransomware Attack
  • Apple to Monitor Employee Attendance Amid Back-to-Office Controversy
  • Redis Bug Causes ChatGPT User Data Exposure
  • GoAnywhere ransomware attack
  • Google Pixel: Cropped or edited images can be recovered
 
Elsewhere online:
  • Adobe confirms ColdFusion flaw which allowed for “limited attacks”
  • Threat Actors Discovered Abusing Google Ads to Distribute BatLoader Malware
  • Windows11 Vulnerable to “aCropalypse” Bug, Leaving Modified User Images Susceptible to Reconstruction
  • Leading Cloud Security Solution for SaaS Companies, Lightspin, Launches Remediation Hub to Target Cloud Security Threats
  • Mysterious Crypto Trader ‘Smartestmoney’ Profits from Market Turmoil

 

Chinese Budget Shopping App, Pinduoduo, Temporarily Suspended on Google Play Store Over Malware Concerns

The discovery of malware on certain versions of the Chinese budget shopping app, Pinduoduo, has led to the app’s temporary suspension on the Google Play Store. News of the ban came shortly after Shein, another Chinese shopping giant, was caught copying clipboard content on Android phones of users who were using an older, non-updated version. Google has enforced its Play Protect software, which scans installed Android phone apps for malicious behavior, to block the installation of these apps and prompt users to uninstall them if they have already downloaded them to their devices.

Pinduoduo has confirmed that it is in talks with Google to analyze its next steps. The platform has over 900 million users and is one of China’s most popular e-commerce platforms. Last year, Pinduoduo’s US-listed parent company, PDD, launched the online shopping platform Temu in the US. It has since become the most downloaded app in the US for iOS and Android, with 24 million downloads since its launch in September.

In a statement, Pinduoduo said that “we strongly reject the speculation and accusation by some anonymous researcher and non-conclusive response from Google that the Pinduoduo app is malicious.”

Read: https://www.hackread.com/google-suspends-china-pinduoduo-app-malware/


Meta’s former trust and safety manager among the targets of Predator hack

According to officials involved in the case, a US citizen was hacked and placed under a yearlong wiretap with a powerful cyberespionage tool. The spyware known as Predator, which was used to infect her device, is marketed by an Athens-based company and has been exported from Greece despite potentially breaching European Union laws.

Artemis Seaford, a dual US-Greek national who spends much of her time in Greece, was working for Facebook’s parent company Meta at the time of the hack. In her role at Meta, Seaford worked on policy questions on cybersecurity and maintained working relations with Greek and other European officials.

She discovered she had been hacked on seeing her name on a leaked list of spyware targets in the Greek media last November. She took her phone to The Citizen Lab at the University of Toronto for forensics. Their lab reports confirmed that Seaford’s mobile phone had been hacked with the Predator spyware in September 2021.

The same spyware was at the center of a similar illegal wiretapping scandal last year. Greek politicians, state officials, journalists, and other notable families were targeted and had their devices infected. Greek newspaper Documento published the story with a list of affected individuals’ names.

The Greek government’s response has mostly been opaque. Giannis Oikonomou, the government spokesperson, denied that the Greek authorities and security services had acquired or used Predator. “The alleged use of this software by nongovernmental parties is under ongoing judicial investigation,” he said.

“Greece was among the first countries in Europe that passed legislation banning the sale, use and possession of malware in December 2022, which has the most severe legal consequences and strict penalties for individuals and legal entities involved in such an offense,” he added. Meanwhile, European Union lawmakers have launched their own investigation.

Read: https://www.nytimes.com/2023/03/20/world/europe/greece-spyware-hacking-meta.html


SpaceX RaptorV2 Documents Leaked in Latest LockBit Ransomware Attack

The LockBit ransomware group has managed to penetrate Elon Musk’s SpaceX program via the latter’s third-party contractor, Texas-based Maximum Industries. LockBit claims to have gotten hold of some 3000 SpaceX engineering drawings from Maximum Industries and has leaked several of these documents as proof of its claims, along with a signed non-disclosure agreement. LockBit is now trying to blackmail SpaceX, demanding that Elon Musk himself should come to the negotiating table.

One of the designs the ransomware gang has leaked seems to be a part of the Raptor V2 engine schematic. The Raptor is the proprietary engine used by the SpaceX launch vehicle, and the V2 is an improvement on the original decade-old model. LockBit posted these samples on March 13 and is now threatening to auction the designs off to the aerospace pioneer’s rival competitors if negotiations are not initiated within a week of the initial leak.

This is not the first time SpaceX documents have been breached due to a third-party leak. The exact same scenario occurred three years ago when the DoppelPaymer ransomware gang broke into the SpaceX and Tesla contractor Visser Precision, stole internal documents from both companies and threatened to leak them if not paid off. However, in that scenario, the criminals targeted Visser Precision for payment. When the third-party vendor refused to pay, DoppelPaymer leaked the documents the following month. The LockBit ransomware group may have learned from DoppelPaymer’s previous attack, as evidenced by its decision to go after Elon Musk directly.

Read: https://www.cpomagazine.com/cyber-security/spacex-third-party-vendor-hit-by-lockbit-ransomware-gang-claims-that-it-stole-engineering-schematics/


Apple to Monitor Employee Attendance Amid Back-to-Office Controversy

According to a report by the New York Post, Apple will reportedly monitor employee attendance to ensure they comply with a company requirement that they report to the office at least three days a week. The iPhone maker will review badge records to track attendance at its corporate offices in an effort to crack down on workers who ignore the back-to-work mandate. Employees who fail to return to their desks three days a week could be fired, though it is unclear if the company has adopted that as an official policy.

Apple’s monitoring of employees’ badge information appears to contradict the firm’s claim to be conscious of protecting users’ privacy and data. Apple employees have chafed at management’s return-to-office edict, which was announced last year following the lifting of coronavirus lockdown measures and the mass vaccination campaign nationwide. In August, more than 1,200 Apple employees signed a petition denouncing the company’s return-to-office order, which was implemented on Labor Day.

Last spring, several Apple employees took to social media platforms, including Blind, to vent about the company’s demands for in-office work. Some employees even threatened to quit over the issue. Ian Goodfellow, who worked as Apple’s director of machine learning, abruptly resigned in May in response to the company’s return-to-office mandate. Goodfellow joined Google’s DeepMind division as a contributor.

Read: https://nypost.com/2023/03/23/apple-will-spy-on-workers-to-enforce-return-to-office-mandate-report/


Redis Bug Causes ChatGPT User Data Exposure

On March 20, 2023, OpenAI announced that a flaw in the Redis open-source library caused the exposure of personal information and chat titles of other users in their ChatGPT service. This defect allowed some users to see short summaries of other users’ conversations in the chat history sidebar. As a result, OpenAI temporarily shut down the chatbot.

The issue stemmed from the redis-py library. When requests were canceled, it could lead to corrupted connections and unexpected data being returned from the database cache. In this instance, data from an unrelated user was returned. A server-side change that OpenAI introduced by mistake resulted in increased request cancellations and a higher error rate.

Although the problem has been resolved, OpenAI stated there may have been further consequences. Payment information for 1.2% of ChatGPT Plus subscribers may have been revealed on March 20 between 1-10 a.m. PT. This included the name, email address, payment address, the last four digits of the credit card number, and the credit card expiration date of another active user.

OpenAI has contacted affected users to inform them of the accidental leak. The company also added additional checks to ensure that data returned by their Redis cache corresponds to the user making the request.

Read: https://thehackernews.com/2023/03/openai-reveals-redis-bug-behind-chatgpt.html
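
The failure mode and the added check described above, as an added example (not OpenAI's or redis-py's code): a toy FIFO connection model in which a cancelled request leaves its reply unread, so the next caller receives it, and an owner check on read that catches the mismatch. `SharedConnection`, `put`, `get_unchecked`, `get_checked` and the sample users are hypothetical names constructed for illustration.

```python
import json
from collections import deque

class SharedConnection:
    """Toy pooled connection (not redis-py): replies are read back in FIFO order."""
    def __init__(self, store):
        self.store = store
        self.pending = deque()  # replies sent by the server but not yet read

    def send_get(self, key):
        self.pending.append(self.store.get(key))

    def read_reply(self):
        return self.pending.popleft()

class OwnerMismatch(Exception):
    """Raised when a cached reply belongs to a different user than the requester."""

def put(store, user_id, name, value):
    # Bind the owner into the stored value itself, not only into the key.
    store[f"user:{user_id}:{name}"] = json.dumps({"owner": user_id, "data": value})

def get_unchecked(conn, user_id, name, cancelled=False):
    conn.send_get(f"user:{user_id}:{name}")
    if cancelled:
        return None  # caller gave up; its reply stays queued on the connection
    return json.loads(conn.read_reply())["data"]

def get_checked(conn, user_id, name):
    conn.send_get(f"user:{user_id}:{name}")
    record = json.loads(conn.read_reply())
    if record["owner"] != user_id:
        conn.pending.clear()  # connection is out of sync: drop its state, do not reuse
        raise OwnerMismatch(f"reply owned by {record['owner']!r}, asked by {user_id!r}")
    return record["data"]

def demo(getter):
    store = {}  # constructed sample data
    put(store, "alice", "titles", ["Tax questions"])
    put(store, "bob", "titles", ["Recipe ideas"])
    conn = SharedConnection(store)
    get_unchecked(conn, "alice", "titles", cancelled=True)  # alice's request is cancelled
    return getter(conn, "bob", "titles")  # bob reuses the same connection

if __name__ == "__main__":
    print(demo(get_unchecked))  # bob is handed alice's chat titles
```

Calling `demo(get_checked)` instead raises `OwnerMismatch`, because the stale reply carries alice's owner field while bob made the request.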


GoAnywhere ransomware attack

A group of hackers named Clop has taken responsibility for a series of ransomware attacks. They claim 130 of them so far.

GoAnywhere, a popular file transfer program, is their way in.

TechCrunch has learned that many organizations were affected by the attack and contacted them. They include, for example, the City of Toronto.

Read: https://techcrunch.com/2023/03/22/fortra-goanywhere-ransomware-attack/


Google Pixel: Cropped or edited images can be recovered

If you ever edited photos on a Google Pixel to remove things you wanted to keep out of what you shared, here’s a surprise: they may be recoverable.

Researchers have published a proof of concept showing how the aCropalypse bug can be exploited in certain scenarios. There’s also an online tool that allows you to check if your cropped images are vulnerable.

Read: https://www.malwarebytes.com/blog/news/2023/03/google-pixel-cropped-or-edited-images-can-be-recovered


Elsewhere online:


Adobe confirms ColdFusion flaw which allowed for “limited attacks”
Read: https://thehackernews.com/2023/03/cisa-issues-urgent-warning-adobe.html

Threat Actors Discovered Abusing Google Ads to Distribute BatLoader Malware
Read: https://cyware.com/news/hackers-push-batloader-via-google-search-ads-37dcab32/

Windows11 Vulnerable to “aCropalypse” Bug, Leaving Modified User Images Susceptible to Reconstruction
Read: https://nakedsecurity.sophos.com/2023/03/22/windows-11-also-vulnerable-to-acropalypse-image-data-leakage/

Leading Cloud Security Solution for SaaS Companies, Lightspin, Launches Remediation Hub to Target Cloud Security Threats
Read: https://www.darkreading.com/cloud/lightspin-launches-remediation-hub-to-identify-and-fix-cloud-security-threats

Mysterious Crypto Trader ‘Smartestmoney’ Profits from Market Turmoil
Read: https://crypto.news/mysterious-crypto-trader-quit-ftx-and-svb-just-before-they-collapsed/


Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

  • March 20th, 2023: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings
  • March 13th, 2023: Drop What You’re Doing: Update Android Edition
  • March 6th, 2023: The Danger Of Weaponizing Disinformation: The Controversial Actions Of The Global Disinformation Index
  • February 27th, 2023: Google Blocks Percentage Of Canadian Users From Accessing The News Online In Light Of Canadian Bill C-18
  • February 20th, 2023: Do The Secrecy Provisions Of The Cybersecurity Bill Go Too Far?


One thought on “#AxisOfEasy 291: Chinese Budget Shopping App, Pinduoduo, Temporarily Suspended On Google Play Store Over Malware Concerns”

  1. keith liggett says:
    March 28, 2023 at 8:10 pm

    Steven Snyder who wrote the book Tyranny
