Jump to content
Login new information ×
Login new information
  • Security & Privacy News

    Russian Code Found in US Army, CDC Apps

    aum

    By aum,
    Published Date:

    • 405 views
    • 2 minutes
     Share
    • 405 views
    • 2 minutes

    Everyone thought Pushwoosh was a US company, not a Russian entity operated from Siberia with its code embedded in 8,000 mobile apps.

     

    A Russian company offering data processing services for apps has deceived many international companies by presenting itself as a US entity.

     

    The company is called Pushwoosh Inc., and its Russian origins were uncovered by Reuters.

     

    A quick check of Pushwoosh's social media channels reveal a company claiming to be located in Washington, D.C. on Twitter, and Maryland on Facebook and LinkedIn. On the company's YouTube channel it boasts of 80,000 clients including Unilever, Deloitte, Coca-Cola, McDonald's, FIBA, Sport1, and SPAR.

     

    US regulatory filings by the company don't mention Russia, this includes eight annual filings made in Delaware. It has also been confirmed that Pushwoosh's founder, Max Konev, is using the email address of a friend based in Maryland to handle business correspondance.

     

    In reality, Pushwoosh is a Russian company with headquarters in Novosibirsk, Siberia. It employs around 40 people and revenue last year amounted to roughly $2.4 million. It's also registered to pay taxes to the Russian government, and is therefore subject to the same rules as other Russian companies—notably the sharing of user data with the Russian government upon request.

     

    Most worrying of all is the company's association with US government agencies. A US Army app used as an informational portal at the National Training Center by troops contained Pushwoosh code, but was removed due to "security issues" earlier this year. The Centers for Disease Control and Prevention (CDC) admitted it thought Pushwoosh was a US company and has now removed the company's code from multiple public-facing apps. Others, including UEFA and Unilever, relied on third parties to create apps for them which ended up containing Pushwoosh code.

     

    Legal experts talking to Reuters believe Pushwoosh could be violating FTC laws and this discovery may trigger sanctions. That would have a huge impact not only on the company, but the 8,000 apps its code is embedded in across Google Play and the iOS App Store.

     

    Konev is claiming his company "has no connection with the Russian government of any kind" and that all data is stored in either the US or Germany. Currently there is no clear evidence the stored data is being shared with Russia, but that doesn't mean Pushwoosh couldn't be compelled to share by its government.

     

    Source

    • Karlston and alf9872000
    • Like 2
     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Guest
    This is now closed for further comments

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...