CyberBits: Alarming Zero-Day exploit that affected millions of devices


Mariami Kentchadze, Special Assignments Reporter

Recent reports claimed that a Chinese Android app named Pinduoduo, a well-known platform that had been downloaded by millions of users internationally, had used a zero-day attack on millions of devices. 

Zero-day exploits take advantage of previously undiscovered vulnerabilities that have not yet been repaired, making them very convenient and beneficial to attackers and problematic for consumers everywhere. Until the vulnerability is mitigated, hackers are able to exploit it in order to cause damage to software, data, devices or even a network.

“It’s not known how many third-party downloads Pinduoduo has, but given the wide reach of the app, the number is surely in the millions, if not hundreds of millions,” Dan Goodin said in his article “Android app from China executed 0-day exploit on millions of devices.”

Multiple sources recently asserted that Pinduoduo, China’s largest e-commerce platform that allows users to purchase products at a discounted price through group buying, used a zero-day vulnerability to take over millions of devices, steal confidential information and spread malware.

A zero-day exploit is an emerging cybersecurity threat because the attacker discovers the software weakness before anyone else who might be concerned about preventing it, swiftly develops an exploit and then uses it for an attack. 

Through the exploit, attackers were able to obtain sensitive information, including confidential user data and location information. Even though the complete scope of the harm done by this attack is not yet fully known, it is obvious that the ramifications are significant and could potentially be disastrous.

Lookout, the leading provider of data-centric cloud security that helps businesses and individuals protect sensitive data and information, confirmed that malicious versions of the Pinduoduo app were accessible in third-party marketplaces, which are popular in China due to limited access to official app stores.

The malicious versions, however, could not be located in official app stores such as Apple’s App Store or Google Play. According to reports, the malicious applications exploited a number of zero-day vulnerabilities. Google is said to have deleted the malicious version of Pinduoduo from Play after the detection.

This incident highlighted the importance of staying vigilant and observant when it comes to app downloads and updates. Users need to be cautious about what permissions they grant to apps and knowledgeable about potential risks associated with downloading and installing new or unfamiliar apps. Additionally, it is essential to keep all devices updated with the latest security updates and to avoid using outdated software or hardware. Furthermore, this attack underscores the need for app developers to prioritize security measures in their software. It is not enough to merely develop an app that works well or is well-liked by users.

Developers must prioritize security measures while also making sure their applications have been fully examined and are secure and free from vulnerabilities. This is especially crucial in today’s world, where data breaches and cyberattacks are becoming increasingly prevalent.

To conclude, in light of the recent zero-day exploit on millions of Android devices caused by a single app, it is imperative for users to be cautious while downloading and using apps, particularly those developed by unfamiliar companies or organizations.

This incident serves as a wake-up call for users to prioritize security measures and take necessary precautions, and for developers to prioritize security in their software to avoid the potentially catastrophic consequences of cyber-attacks and data breaches.