A Russian company called Pushwoosh offering data processing services for apps has deceived many international companies by presenting itself as a US entity.
While a check on Pushwoosh’s social media channels reveal, that it’s located in Washington, D.C. on Twitter, and Maryland on Facebook and LinkedIn. On the company’s YouTube channel it boasts of 80,000 clients including Unilever, Deloitte, Coca-Cola, McDonald’s, FIBA, Sport1, and SPAR.
The regulatory filings by the company don’t mention Russia, this includes eight annual filings made in Delaware. It also confirmed that Pushwoosh’s founder, Max Konev, is using the email address of a friend based in Maryland to handle business correspondance.
Pushwoosh is a Russian company with headquarters in Novosibirsk, Siberia with employs around 40 people and revenue last year amounted to roughly $2.4 million. It’s also registered to pay taxes to the Russian government, and is therefore subject to the same rules as other Russian companies—notably the sharing of user data with the Russian government upon request.
Below are the association with US government agencies.
- A US Army app used as an informational portal at the National Training Center by troops contained Pushwoosh code, but was removed due to “security issues” earlier this year.
- The Centers for Disease Control and Prevention admitted it thought Pushwoosh was a US company and has now removed the company’s code from multiple public-facing apps.
- UEFA and Unilever, relied on third parties to create apps for them which ended up containing Pushwoosh code.
Pushwoosh could be violating FTC laws and this discovery may trigger sanctionsas per legal experts. This would have a huge impact not only on the company, but the 8,000 apps its code is embedded in across Google Play and the iOS App Store.
Though the claims are falsified by konev, there is no clear evidence the stored data is being shared with Russia, but that doesn’t mean Pushwoosh couldn’t be compelled to share by its government.