According to research, a broad range of applications, including those from the U.S. Army and the Centers for Disease Control and Prevention (CDC), had Pushwoosh malware installed. An app analytics company called Appfigures claims that approximately 8,000 applications in the Apple App Store and Google Play Store had Pushwoosh code. Software developers may deliver push alerts to users with Pushwoosh, which offers code and data processing tools. The company’s website states that it does not gather sensitive data, and a Reuters investigation found no proof that Pushwoosh mishandled user data. There is still a potential security risk for businesses that employ the code. According to corporate records, Pushwoosh is based in the Siberian city of Novosibirsk. However, it promotes itself as a U.S. corporation on social media and in regulatory filings in the United States. The Centers for Disease Control and Prevention (CDC), the United States’ central agency for fighting major health threats, said it had been deceived into believing Pushwoosh was based in the U.S. capital. After learning about its Russian roots from Reuters, it removed Pushwoosh software from seven public-facing apps, citing security concerns. The U.S. Army said it had removed an app containing Pushwoosh code in March because of the same concerns.” -Reuters The business claims it has data on 2.3 billion devices, and the code has been included in almost 8,000 applications overall. The article emphasizes that there is no proof that the Pushwoosh code was created with evil or deceitful purpose, but it was worrying that it went to such efforts to claim to be US-owned. The business also made two bogus executives with purported Washington, DC addresses and false LinkedIn accounts. The NTC is a major battle training center in the Mojave Desert for pre-deployment soldiers, meaning a data breach there could reveal upcoming overseas troop movements” Source: Reuters
