Our DNS logs caught the following DNS lookups from an Samsung 10 phone after it updated to Android 10, December 2019 patch level:
*google.com (with the asterisk)
I can't find any reason for these lookups. The first is invalid, the second is a parked domain registered with GoDaddy, and the third is a TOR domain.
Finally, the device is communicating to an AWS IP address using TCP port 5229 without any corresponding DNS lookup that resolves to the address.
Anyone seen anything similar?
|thread locked Quote Subscribe||
Dec 21st 2019
1 year ago