Shopping App Temu is “Dangerous Malware,” Spying on Your Texts, Lawsuit Claims
Freeman writes:
Temu-the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it-is "dangerous malware" that's secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit filed Tuesday.
Griffin cited research and media reports exposing Temu's allegedly nefarious design, which "purposely" allows Temu to "gain unrestricted access to a user's phone operating system, including, but not limited to, a user's camera, specific location, contacts, text messages, documents, and other applications."
"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place."
[...]
The company that owns Temu, PDD Holdings, was founded in 2015 by a former Google employee, Colin Huang. It was originally based in China, but after security concerns were raised, the company relocated its "principal executive offices" to Ireland, Griffin's complaint said. This, Griffin suggested, was intended to distance the company from debate over national security risks posed by China, but because the majority of its business operations remain in China, risks allegedly remain.
[...]
Last year, Temu was the most downloaded app in the US, Griffin's complaint noted, while most users had no way of knowing that the app was allegedly collecting "a shocking amount of sensitive user data" that was "beyond what is necessary for an online shopping app."According to the complaint, Temu is allegedly obscuring its unauthorized access to data through misleading terms of use and privacy policies that do not alert users to the full scope of data that the app can potentially collect. That includes not telling users about tracking granular locations for no defined purpose and collecting "even biometric information such as users' fingerprints."
Read more of this story at SoylentNews.