Pushwoosh is a software company that creates computer code and data processing for software developers that’s used by thousands of smartphone applications.
Their code has been used in almost 8,000 apps in the Google and Apple app stores.
And according to the company, they don’t collect sensitive data. But they actually collect user data, including geolocation, which is pretty sensitive data.
U.S. government agencies, including the CDC, had been using Pushwoosh software, and the U.S. Army used an application containing software code from Pushwoosh.
According to Russian documents, the company is headquartered in the town of Novosibirsk. It employs about 40 people and has revenue of over $2 million each year.
But, on social media, the company presents itself as being based in the U.S. The company claimed to be based in California and Maryland at different times.
Yet, Pushwoosh’s founder said, “I am proud to be Russian and I would never hide this.”
He claimed that the company had no connection to the Russian government. The problem is that Russia, like China, is known for forcing companies to share their data.
Pushwoosh claims that it stores data in the U.S. and Germany.
But storing data in another country won’t stop the Russian government from accessing it.
A CDC spokesperson said…
“CDC believed Pushwoosh was a company based in the Washington, D.C. area. The belief was based on representations made by the company.”
The reality is that using software from foreign countries can introduce security risks.
Yet, millions of people likely use software that they have no idea is made in another country.
Considering this, here are a few ways you can spot software that is likely made outside the U.S.
Overcharges:
A foreign software company that has dangerous intentions will likely have two goals.
They will want to gather personal data and take your money.
Oftentimes, foreign companies will overcharge customers because there are fewer repercussions.
If the company is in another country, they can more easily avoid U.S. law enforcement.
It would be more difficult for a customer to get their money back from another country.
Software demands information:
Typically, you can use software even when you provide very little information.
Yet, foreign-made software might include more pop-ups that ask for detailed information.
They want to collect as much data as possible about customers.
So, if you’re using new software and it’s asking too many personal details, then you should confirm it is legitimate.
Fake address:
Pushwoosh claimed its office was in Maryland. But in reality, the address is a home owned by a Russian citizen.
At one point, the company listed an address in California, but the address didn’t even exist.
Before using new software, do some research. Find out where the company’s headquarters is, and look up the address to see if it matches.
The fact that Russian-made software was used by the U.S. Army and the federal government is a huge security risk.
So, next time you are thinking about downloading an app, do a little research on the company before doing so.
The last thing you want is for your personal information to fall into the hands of a foreign government.
And using foreign made software is one of the easiest ways our adversaries can collect data on Americans.