If even half of what this article is suggesting were true, why wouldn’t Temu use their 1337 hacker skills to steal money outright rather than disguising it as a shopping app?
Libmanwe-lib.so is a library file in machine language (compiled). A Google search reveals that it is exclusively mentioned in the context of PDD software—all five search results refer to PDD’s apps. According to this discussion on GitHub, “the malicious code of PDD is protected by two sets of VMPs (manwe, nvwa)”. Libmanwe is the library to use manwe.
An anonymous user uploaded a decompiled version of libmanwe-lib to GitHub. It reads like it is a list of methods to encrypt, decrypt or shift integer signals, which fits the above description as a VMP for the sake of hiding a program’s purpose.
In plain words, TEMU’s app employed a PDD proprietary measure to hide malicious code in an opaque bubble within the application’s executables
So wait, bit-shifting some integers is now considered being malicious? Is that really the defense here? Using that definition just about all software in existence is malicious.
Bit shifting is not malicious on its own. Bit shifting to specifically conceal the purpose of your policy violating code from the auditors who audit the apps submitted to the App Store is malicious.
It’s about why you are doing it and what you are doing with it and not that it’s bit shifting on it’s own.
Yeah, it is. It’s such an extraordinary claim.
One requiring extraordinary evidence that wasn’t provided.
“It’s doing amazing hacks to access everything and it’s so good at it it’s undetectable!” Right, how convenient.
You’re bang on the money.
If even half of what this article is suggesting were true, why wouldn’t Temu use their 1337 hacker skills to steal money outright rather than disguising it as a shopping app?
I don’t believe his claims without evidence, but having a legit cover for nefarious acts is pretty standard, no?
Why steal their money when they can both get them to give their money as well data to also sell?
So wait, bit-shifting some integers is now considered being malicious? Is that really the defense here? Using that definition just about all software in existence is malicious.
Bit shifting is not malicious on its own. Bit shifting to specifically conceal the purpose of your policy violating code from the auditors who audit the apps submitted to the App Store is malicious.
It’s about why you are doing it and what you are doing with it and not that it’s bit shifting on it’s own.