Security News > 2020 > November > Google binned two apps by China’s Baidu, which says researchers got it wrong by linking it to personal info leaks

Google binned two apps by China’s Baidu, which says researchers got it wrong by linking it to personal info leaks
2020-11-25 01:58

UPDATED Infosec researchers at Palo Alto Networks' Unit 42 threat intelligence unit spotted a pair of prominent Chinese apps leaking personal data, and after it informed Google the ad giant dumped the apps from its Play store.

Baidu says the personal information was only used to enable push functionality and that the privacy agreement in its apps disclosed that use.

Baidu also got an email from Palo Alto and appears to have acted because a new and sniffer-free version of Search Box debuted on Google Play on November 19th. Baidu Maps is yet to return.

Palo Alto detected Baidu's misbehaving apps with a malware scanner, which speaks volumes about the Baidu apps' behaviour.

UPDATED: 04:00 GMT November 25th. Baidu has contacted The Register and said the reason the apps were removed from the Play Store was "One of our APKs has prominent disclosure but the disclosure is not adequate."


News URL

https://go.theregister.com/feed/www.theregister.com/2020/11/25/palo_alto_detects_leaking_baidu_apps/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411
Baidu 16 1 10 3 6 20