A Russian data company posing as an American company has ended up developing code for apps used by the United States military, as well as for the Center for Disease Control and Prevention (CDC).
according to Reuters (Opens in a new tab), a company called Pushwoosh, which listed an address in Washington, D.C. (among other places) as its headquarters, was actually based in Novosibirsk, Russia. It also claims that Pushwoosh has listed addresses in California, Maryland, and Washington, DC
As a result, more than 8,000 iOS and Android applications It contains code developed in Russia. Since then, the US military has claimed to have removed the offending code from its products, and the CDC has removed Pushwoosh from seven public apps, citing security concerns.
The company’s founder, Max Konev, told Reuters a few months ago that he had never hidden the company’s Russian origins. He said: “I am proud to be Russian and I will never hide this.”
In fact, the business address, listed on Twitter, Facebook and LinkedIn, is a suburban home in Kensington, Maryland, that belonged to a friend of the founder, who said he had no other connection to the company.
Conniff stated that the Maryland address was used to “receive business correspondence” during the COVID-19 pandemic. It also claimed that Pushwoosh now operates from Thailand, but Reuters was unable to find evidence that the company was registered in that jurisdiction.
Pushwoosh is a data-processing software company, which may set off alarm bells. However, Reuters found no evidence of Pushwoosh misusing user data.