Hi all, I’ve recently only begun using GlassWire and I’ve noticed something a bit strange while executing a program. I’m very paranoid when it comes to my internet security so I could of course just be overthinking this, however it’s just something I’ve observed. When I launch an executable, that executable establishes a connection to my router/communicates with my router. Does anyone know why this happens? The application in question is HiyaCFW, a custom firmware console tool that’s used to replace the Nintendo DSi’s firmware. However, upon running it through Hybrid-Analysis, (EDIT: I can’t link to the specific analysis, unfortunately. :/) it’s only marked as suspicious, and shows no intent of communicating with my router. Any idea as to why this happens? Any information or help would be appreciated!
Does that software need to connect to your Nintendo for some reason? Maybe it’s seeking it out on the local network?
AFAIK it doesn’t do that. It essentially just writes files, so I’m not sure why it’d need to communicate with my router. Is this a malicious indicator? Or is it just a fluke?
I don’t know, but many apps have different types of analytics or telemetry to see how they are being used or how often. Perhaps that tool has some sort of telemetry.
Mobile apps are the worst for having this but Windows apps can have telemetry also.
Ah, I see. I’ll definitely look into that right now. Thank you so much for the insight!