finosfin.com #32076

Closed
spirillen opened this issue Jan 15, 2025 · 4 comments

@spirillen
Contributor

spirillen commented Jan 15, 2025

Comments

Due to their incident that added a loan ads app AS A SYSTEM APP, it's already baked in on ColorOS 4 (Android 13) devices and up, but it's bundled through a system update on older devices.

List your packages

Package name: com.fintech.life
Current list: OEM (Oppo/Realme)

Current description:
China financial or payment app, note that it accesses locations, contacts, camera, mic and contains ads, Pithus reports this as 'High Risk'

Proposed description:
China financial or payment app that shows advertisement notifications (mostly loans), it accesses locations, contacts, camera, mic by default, some people in Thailand also reported that they cannot use legitimate regional banking apps until this app was disabled or uninstalled with the adb method.
While newer devices that start with ColorOS 4 (around Android 13) already have it baked in, it seems likely that it comes with a system update on older devices of those brands, so this is really shady and constantly loses trust from many users.
https://safereddit.com/r/Thailand/comments/1hzdwhr

Wildcard domain records

finosfin.com|malicious

Sub-Domain records

null

Hosts (RFC:952) specific records, not used by DNS RPZ firewalls

life.finosfin.com|malicious

Safe Search records

null

Screenshots

N/A

Links to external sources

logs from uBlock Origin

N/A

@kowith337

I'm also adding hizontech.com later based on a Thai article; are you also checking this domain as well?

@spirillen
Contributor Author

Feel free to :) the more knowledge we can share,... but that domain is parked (inactive) and for sale by the domain pirates

DNS lookup

hizontech.com.  43200   IN      NS      ns1.dns-parking.com.
hizontech.com.  43200   IN      NS      ns2.dns-parking.com.

@kowith337

I feel like they probably know that they cannot keep the domain for long after the information became widespread; even the app itself was removed because of the bombardment of negative reviews, though.

@kowith337

I'm sorry for my bad typo, the actual domain that needs to be checked is hizonetech.com (missed one letter e)
