I'm not sure you are being paranoid enough.
Quote:
I just wanted to point out to everyone who is interested in buying an Alldocube iPlay 50 mini Pro 8" Tablet that their OTA server was hacked and I assume that malware/adware got installed through their official system updater (com.abfota.systemUpdate) in March 2024. They seem to use the same OTA provider "Redstone" as the company Gigaset that was compromised in 2021 in a similar manner (https://www.bleepingcomputer.com/ne...infected-by-malware-via-hacked-update-server/), as I checked the APK via VirusTotal and found references to "Redstone". They communicated this security issue only (?) on their forum (https://www.alldocube.com/en/forums/topic/11680/) without specifying any details about the implications for the end user.
I bought the tablet in June 2024 so I think I'm not directly compromised by this specific issue, but I can see some strange DNS requests to the following domains which I can't find the cause of:
api.echoyesterday.com (very frequent as soon as a network connection is established)
us-a.keepgo123.com
us-a.gsonx.com
https://xdaforums.com/t/alldocube-ot...i-pro.4682746/