Back to the topic of the wonderful world of Chinese applications that spy on users. As researchers found, Pinduoduo exploited the CVE-2023-20963 vulnerability in the Android Framework without user intervention. Another application from the marketplace downloaded additional malicious modules to spy on the user and access their notifications and files.
As a reminder, a month ago Google removed the application from the Play Store (https://t.me/tomhunter/1525) because it contained malware. And although Pinduoduo is used mainly in China, the company's other marketplace application, Temu, has been the most downloaded app in the US App Store for the past month. How the malware got into the application remains an open question (https://arstechnica.com/information-technology/2023/03/android-app-from-china-executed-0-day-exploit-on-millions-of-devices/): the possibilities range from intentional distribution by the developers for commercial espionage to a supply chain attack. Either way, the case is quite interesting.