If anyone is using Windows 10 Firewall Control by Sphinx-software, which does enhance the ability to control what things have access to internet/local net, apparently the software itself has a 'phone-home' portion, and home is no longer what it was. Then, even later, starts coming up with a different IP on every inquiry - such as 52.219.32.114, which appears to be Amazon/AWS in Singapore and there's a website up that mentions Vietnam, but nothing about Sphinx-software products.
So, maybe this is a real hack/takeover or something I'm thinking. When I got around to asking nslookup about, I got back a 127.0.x.x address (= LAN no internet server) MBAM reporting trojan IP address 198.38.82.127 (shared hosting/Mocha hdq CA/USA) Starting sometime >24hrs ago, Malwarebytes popping up blocking connections being made by software I've used for some years - Windows 10 Firewall Control - attempting to contact the developer's website.
0 kommentar(er)
