fab138
New Member
July 15, 2021
Question

End point connection attempt to China IP


Hi All

Sorry if this is in the incorrect list. Wondering if anyone might have some advice on how to track down what application on an iPhone is generating traffic to an IP address (114.67.72.133) in China.

The iPhone was purchased in Canada (Telus, about 16 months ago), was never jailbroken, and only has Canadian Apple store apps installed. The traffic we are seeing on our FortiGate may be legitimate and only shows up on our logs as we are blocking all traffic to that country.

We contacted Apple and can't get past support to engage with anyone from the security group to understand if the phone was somehow compromised.

Attached is the pic of the blocked traffic.

    1 reply

    mle2802
    Staff
    September 16, 2023

    Hi @fab138,

    After doing some research, it looks like this particular device has the Wyze app for cameras, and this is why traffic is sent to this Chinese IP. Wyze seems to use ThroughTek as a third party to make connections and allow users to manage their devices. Can you double-check whether this device has the Wyze app? If yes, then this is expected.

    Regards, 
    Minh