March, alphabet inc Google Google has banned Chinese e-commerce company Pinduoduo Inc‘S PDD App from its platforms citing security concerns in detecting malware. Now, experts claim that the app can be used to spy on users, according to CNN report.

The Pinduoduo app can reportedly bypass users’ phone security to monitor activity on other apps, check notifications, read private messages, and change settings.

Experts claim that the presence of malware in the Pinduoduo app has exposed vulnerabilities in Android’s operating systems. Company insiders said these vulnerabilities were exploited to spy on users and competitors and allegedly boost sales, according to CNN.

Also read: Do you want to use TikTok, Instagram or Twitter? You may need to get your parents to sign a permit slip

“We haven’t seen a mainstream app like this trying to escalate their privileges to get access to things they shouldn’t have access to.” Mikko Hyppönenresearch leader at Certainlysaid the outlet.

Evidence of malware in the Pinduoduo app comes amid heightened US-China tensions over Chinese-owned apps, including TikTok, which US lawmakers say could pose a national security threat.

In 2020, Pinduoduo assembled a team of about 100 engineers to scan for vulnerabilities in Android phones and develop ways to exploit and take advantage of those vulnerabilities, a current Pinduoduo employee told CNN.

Researchers at a Tel Aviv-based cyber firm check point Research, Delaware-based app security launch over-collateralisedAnd Hyppönens WithSecure reportedly analyzed version 6.49.0 of the app and discovered code designed to achieve “privilege escalation” — a type of cyberattack that exploits a vulnerable operating system to gain greater access to data than it should have .

Sergey Toshin, founder of Oversecured, told CNN that Pinduoduo is “the most dangerous malware” ever found among mainstream apps.

“I’ve never seen…