Google has suspended Chinese agricultural e-commerce app Pinduoduo from Google Play after versions of the app found outside the Google store were flagged as having malware issues.
A Google spokesperson told Reuters that the app had been suspended over “security concerns”, adding that “Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect”, in other words, software that prevents the installation of malicious or harmful apps by scanning Android devices with Google Play Services.
A Pinoduoduo spokesperson told Reuters that Google had not shared details on why the app was “temporarily suspended” from Google Play beyond saying that the current version of the app “is not compliant with Google’s Policy”. The spokesperson noted that there are multiple reasons why an app may be temporarily suspended from Google Play.
Trojan malware, or malware disguised as a trusted file or source, can have devastating affects when unknowingly downloaded by a victim. Research by cyber security software company G Data has found that as of 2019, there were more than 4.18 million malicious Andriod apps available to download, with an average of 11,500 apps being uploaded every day.
Cyber security expert and Cyber Security Hub contributor Alex Vakulov notes that the nature of this threat vectors means it is difficult to remove once a device has been infected, with some extreme cases requiring the infected device to be returned to factory settings.
Vakulov says that it is not uncommon for users to download malware from official sources such as Google Play, due to the app-checking technology not being completely foolproof.
“While mobile security solutions can detect unauthorized app activity, it is the personal decision of each user to install a particular software on their phone,” he adds.
To prevent trojan malware infections, users should remain vigilant by checking the validity of app publishers before downloading any apps.