Malware command and control connection lists a source other than my IP

My phone shows all sorts of signs of infection. Hardly any of my apps work. I get strange popups that say "unable to connect to server" before I've even installed anything on my phone. I do not receive all of my texts, calls or emails, nor do others receive all of mine. There is an echo and it is hard to hear on phone calls. 611 was reprogrammed to call a non-AT&T number. Every new phone from warranty exchange arrives with a user certificate for "FindMyMobile" already installed and a program, "Mobile Services Manager", which VirusTotal flags as malware. "Find my device" keeps being reenabled as administrator. My recovery logs say "warning. Trace printk is being used! If you are not debugging, report this immediately to your vendor!!!" or something like that. Sometimes devices will become unable to take screenshots or access storage for photos. I am under heavy DOS attack. Earlier, I counted about 125 DNS connections at once. When I put in my password after device startup, the phone restarts and makes me put it in again. Webpages constantly give me connection refused and network change errors. There is a persistent connection on port 6000, which usually utilizes ports 6200 to 6302 locally, in which my local IP always appears as an IP in a random different country and the destination IP is always single digits that begin in 0, such as and is not listed with IANA except to say it is registered. There is a frequent connection on port 5223 to an AWS server in Dublin, which I can also attribute to increased activity, and another on 853, which runs as an unknown root service, all of which use a different local IP. The port 6000 and 853 connections used to be supposedly attributable to AT&T Labs in Middletown, NJ but now return nothing.

This has occurred on every device I have had, since about the Note 2, to some degree, but it has gotten worse.

I attached a few pages of the UDP 53 connections. If anyone wants to be bored with the other 20 or so pages, I would happily share. Also attached screenshots of the other spurious connections. The reason I am not testing stuff with ADB or some computer utility is that all of the computers I would ever use on a network anywhere close to home are much worse off than my phone.



Screenshot_20190627-104749_Network Manager.jpg

Screenshot_20190627-104702_Network Manager.jpg

Screenshot_20190627-104648_Network Manager.jpg

Screenshot_20190627-104636_Network Manager.jpg
