Kryptowire announced on 2016-11-15 the discovery of malware in Android-based smart phones sold by, among others, Amazon US and BestBuy. The malware was allegedly created by Shanghai ADUPS Technology Co., Ltd. Kryptowire claims the malware sends all your text messages, all your contacts, all your call history, etc., to the domain names listed below. The ADUPS company issued a statement claiming its services are simply spam countermeasures.

Kryptowire claims these domain names resolved to the IP address 221.228.214.101.

  • bigdata.adups.com
  • bigdata.adsunflower.com
  • bigdata.adfuture.cn
  • bigdata.advmob.cn

Today, 2 days later, those domain names resolve to the IP address 118.193.254.27. The domain name rebootv5.adsunflower.com still resolves to the IP address 61.160.47.15. Be sure to adjust your ACLs if you have entered the previously known IP addresses.
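Because the names can move to new addresses again, an IP-based ACL needs to be re-checked against current DNS answers. The following Python sketch is an added example, not part of the original post or of Kryptowire's report: it compares the IPs in an ACL with what the domain names above resolve to now. The function names and the sample ACL are assumptions; the domain names and addresses are the ones quoted in this post.

```python
import socket

# Domain names quoted in the post.
WATCHED = [
    "bigdata.adups.com",
    "bigdata.adsunflower.com",
    "bigdata.adfuture.cn",
    "bigdata.advmob.cn",
    "rebootv5.adsunflower.com",
]

def resolve_ipv4(name):
    """Return the set of IPv4 addresses a name resolves to now (empty on failure)."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:  # covers socket.gaierror and socket.herror
        return set()

def acl_drift(acl_ips, names=WATCHED, resolver=resolve_ipv4):
    """Compare the IPs blocked in an ACL with current resolutions.

    Returns (missing, stale, unresolved):
      missing    - {ip: [names]} addresses served now but absent from the ACL
      stale      - ACL addresses that no watched name resolves to any more
      unresolved - names that returned no address; a failed lookup is not
                   evidence that the name is gone, so re-check these
    """
    acl = set(acl_ips)
    missing, seen, unresolved = {}, set(), []
    for name in names:
        ips = resolver(name)
        if not ips:
            unresolved.append(name)
            continue
        seen |= ips
        for ip in sorted(ips - acl):
            missing.setdefault(ip, []).append(name)
    return missing, sorted(acl - seen), unresolved

if __name__ == "__main__":
    # Sample ACL (assumption): built from the addresses first reported.
    missing, stale, unresolved = acl_drift({"221.228.214.101", "61.160.47.15"})
    for ip, hosts in missing.items():
        print(f"ADD    {ip}  (now serving: {', '.join(hosts)})")
    for ip in stale:
        print(f"REVIEW {ip}  (no watched name resolves here any more)")
    for name in unresolved:
        print(f"RETRY  {name}  (no answer)")
```

Blocking the names themselves at the resolver or proxy, where that is available, avoids this drift; the check above is for setups that can only filter on IP addresses.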
