Exclusive: Russian software disguised as American finds its way into U.S. Army, CDC apps
Source: Reuters
LONDON/WASHINGTON, Nov 14 (Reuters) - Thousands of smartphone applications in Apple (AAPL.O) and Google's (GOOGL.O) online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian, Reuters has found.
The Centers for Disease Control and Prevention (CDC), the United States' main agency for fighting major health threats, said it had been deceived into believing Pushwoosh was based in the U.S. capital. After learning about its Russian roots from Reuters, it removed Pushwoosh software from seven public-facing apps, citing security concerns.
The U.S. Army said it had removed an app containing Pushwoosh code in March because of the same concerns. That app was used by soldiers at one of the country's main combat training bases.
According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a software company that also carries out data processing. It employs around 40 people and reported revenue of 143,270,000 rubles ($2.4 mln) last year. Pushwoosh is registered with the Russian government to pay taxes in Russia.
Read more: https://www.reuters.com/technology/exclusive-russian-software-disguised-american-finds-its-way-into-us-army-cdc-2022-11-14/
2naSalit
(86,775 posts)Lars39
(26,114 posts)Who dug them up to hire them?
BumRushDaShow
(129,426 posts)as well as women-owned/vet-owned/minority-owned including AK-native, etc., businesses, so this is not a surprise.
Their response to any RFIs and/or to the solicitation not revealing where they were really domiciled is the obvious issue as they apparently had some front company here in the U.S. (or were maybe brought on as a sub to a primary contractor who didn't vet them properly).
IronLionZion
(45,523 posts)so this Russian company sells an SDK for push notifications and in-app messaging. App developers don't always look or care where a source is from, they just want the functionality incorporated into their app.
If you've heard the term "supply chain attack", this is a big risk for that.
IronLionZion
(45,523 posts)for in-app messaging and push notifications
https://seekingalpha.com/news/3906964-thousands-of-apps-in-app-store-google-play-store-use-code-from-russian-company-report
https://www.pushwoosh.com/
Sneaky Russians
BumRushDaShow
(129,426 posts)IronLionZion
(45,523 posts)sometimes government leaders will decree that software needs to be developed and tested only by US citizens and audited by people with clearances. When that happens, idiots point to brown US citizens like me while the white Russians fly under the radar.
BumRushDaShow
(129,426 posts)Seems this software was like an add-on utility for other apps since there were so many apps using it.
This seems like an issue with the Google Play Store and iOS App Store, although I don't know how deep their vetting is and whether the company might have even been quietly put on a sanctions list or what, since this was apparently discovered during the spring of this year.
PaulnFortWorth
(59 posts)Cross-channel marketing service for increasing customer engagement, retention, LTV. Push notifications (mobile/web), emails, in-apps & more.
Based in Washington, District of Columbia, United States
51-100 Employees
Private
www.pushwoosh.com/
CB Rank145,616
Natalya Radosteva, COO
Executive
Management, Operations
Create segment-based and event-based campaigns, send broadcast and transactional messages and get your statistics automatically gathered all on one platform.
EIN Presswire (https://www.einpresswire.com/about) Pushwoosh "were awarded Top Performer honors. Top Performers are vendors with significant market presence and enough customer reference content to validate their vision. Top Performers products are highly rated by its customers but have not achieved the customer base and scale of a Market Leader relative to company size.
jmowreader
(50,562 posts)Fort Irwin is in the middle of nowhere for a reason - they needed a lot of land and didn't want to pay a lot of money for it, so they went out in the middle of the Mojave Desert.
Fun fact: Take a look at this picture. It is Fort Irwin's urban combat area.
I made this! All those "buildings" are actually shipping containers with printed vinyl on them so they look like Middle Eastern buildings. I printed all this vinyl when I worked at a company in North Carolina that specialized in doing that. It took weeks to do it, and the Army was very happy with it.
OnDoutside
(19,969 posts)We've been fed a diet of how powerful the US is in knowing the backdoors of the internet, so how come they don't use some of them ?