What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Malware infection or not on phone

R

Raven

New Around Here
Hello

My Samsung A52-5G wanted to contact "customer.thewayofmoney.us" but the AirProtection of my Router (RT-AX86U Merlin firmware 3004_388.9_2) prevented that (hurray).
Now I read that this is a C&C Server and blacklisted because this server spreads malware, malware alias: FakeUpdate, GhoLoader, SocGholish and Confidence level is high (100%).

My question is whether my phone is infected with malware or the router (AirProtection) prevented this?
Sophos Intercept X reports that there is no malware on the phone, threats and PUAs 0 and low reputation apps 0.

Greetings Raven
 
Raven said:
Hello

My Samsung A52-5G wanted to contact "customer.thewayofmoney.us" but the AirProtection of my Router (RT-AX86U Merlin firmware 3004_388.9_2) prevented that (hurray).
Now I read that this is a C&C Server and blacklisted because this server spreads malware, malware alias: FakeUpdate, GhoLoader, SocGholish and Confidence level is high (100%).

My question is whether my phone is infected with malware or the router (AirProtection) prevented this?
Sophos Intercept X reports that there is no malware on the phone, threats and PUAs 0 and low reputation apps 0.

Greetings Raven
Click to expand...
I’d be thinking you’re ok. :)
 
Last edited:
If you didn't type in the mentioned domain yourself, something else must have wanted to contact it.

Doesn't that then mean that your phone is already infected?

(But just couldn't get (new?) instructions from the C&C server because your router blocked that request)
 
Yes, it's the phone that's infected and AiProtection has successfully prevented the malware from "phoning home".
Just need to establish which app is doing this. Since this has only come up now it has to be an app that's been installed recently, or it's been installed by one of those many popular free game apps.
Look at your apps listed by install date. It still may not even show there as it could be disguised as a game addon/upgrade/expansion.
 
Last edited:
You must log in or register to reply here.

Similar threads

D
When connected to my GT-AX6000 something is not allowing certain apps or functions to work on our phones and I need help how to troubleshoot
2
Replies
30
Views
4K
dyer4789
D
D
AiProtection keeps kicking in
Replies
1
Views
2K
pattiri
pattiri
Similar threads
Thread starter Title Forum Replies Date
spacemanspiff RT-AX86U running Merlin serving DNS - possible Malware infection Asuswrt-Merlin 31
B Phone USB tethering Asuswrt-Merlin 15
F RT-AX58U: laggy reponse phone to Chromecast with Google TV 4k Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 782 (members: 16, guests: 766)
Back
Top