US alleges data security risks in Temu shopping app

CNBC reports that the increasingly popular e-commerce app Temu has been accused by the U.S. government of having data security risks following the removal of its Chinese sister app Pinduoduo from the Google Play Store due to the presence of malware, which exploited Android security flaws. Such allegations surrounding Temu's data security risks have been downplayed by security researchers, including Acronis Chief Information Security Officer Kevin Reed who said that Temu is significantly less aggressive than Pinduoduo in requesting device permissions. Moreover, Arctic Wolf Labs Vice President and Head Daniel Thanos said that no version of Temu was found to have malicious functionality and that the Temu app is not leveraging keys that have been used for signing Pinduoduo malware. "Based on our analysis, it appears that this malware is targeting Chinese users primarily, as it appears to target devices usually sold and used in China such as Xiaomi, Vivo, Oppo, Samsung, etc, and their corresponding applications," Thanos.