Last VirusTotal Scan: 11/17/2023 23:23:14
Last Sandbox Report: 11/17/2023 23:23:13
Malware Family: Luminati (not currently classified as malware)
Not all malicious (or at least dishonest) code can rightfully be called malware, even if the tactics used by the software in question are similar or even undistinguishable from actual malware. The difference is in how they are used. And sometimes - as in this case - you can grant developers permission to turn your Android device into a hidden SOCKS proxy for paying customers.
One of my favorite methods of poking around on Android devices is to install a Linux chroot image on a rooted device so that I can make use of my favorite command-line tools. This gives me access to a full Linux distro on my device.
I recently discovered an Android app called AndroDumpper that seemed innocent enough. However, when first starting the application you see this message asking you to agree to sharing some of your device's wifi and cellular data: