Network Trojans Detected @ 54.36.160.53:80 and 196.245.9.75:0
  • .. are these SecuritySpy phoning home?
  • 54.36.160.53 is bensoftware.com and ddns.bensoftware.com. Here are the reasons that SecuritySpy might make outgoing connections to this server:

    1) To set your DDNS name, if you have set this up in the Web Preferences.

    2) To check for license violations, whereby one SecuritySpy license code is being used on two Macs at the same time.

    3) To obtain iOS Notifications feedback data. This contains information about failed iOS notifications, so that SecuritySpy can stop notifications to a device that no longer has our SecuritySpy iOS app installed. If we don't do this, Apple will block us from their notification servers.

    4) Auto-update connection: SecuritySpy obtains a small text file to determine if if there is an update. No personal data is transmitted. Auto-update can be turned off in the General Preferences.

    196.245.9.75 is not one of our servers.

    It's weird that these are being called "Trojans" - these are simply outgoing connections to the Internet, and there are perfectly legitimate reasons why software would need to do this.
  • Thanks Ben ... I use the Unifi Controller for our network and its Intrusion Detection System identifies the call out as a "Network Trojan". I can just whitelist it ;-)

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!