John Floren

Home | Blog | Tools | Links
Back to blog archive

Posted 2021/2/18

Unidentified Android Telemetry

Some application on my Android device is beaconing out to, a Qualcomm domain, as shown in the Gravwell screenshot below.

What’s doing it? I don’t know, it’s an Android phone, a Moto G Power to be specific; I have no introspection capability.

Luckily, I’ve got CoreDNS running with a cron job to pull down an updated list of bad domains (see, so as you can see it’s getting blackholed. Still, it’s shit like this that makes me really want the Pinephone to succeed.