Anyone going through some network abuse regarding vz and obfuscated sys app making long deep deep connections by C2 resources  stealing CA roots on the big ones? My big question here is this. Why would group sharing and quick share services ( which ive never once used or agreed to the terms) making more then 100 connections daily and uploading most days 200k packets of data landing to some private IP on the moon. Ive got it tracked about as far as the launch pad. After that she gone. None of the C2's are registered with Samsung as the same for the IPs I can track. Oh yeah, my keyboard is also delightfully logged. Honey board service is dumping key strokes through an AWS c2 before vanishing. Anyone care to delve. Let's see how long until they shut this post down. If so you know, and I know, they know but can't figure out the solution yet. Damage control tells the truth. But if this rant sticks,  I've got some good intell that might help you if this sounds familiar. 

P.S to my rant. You break I fix cant fix FYI.( I had really thought Samsung would have or want a grasp on this) Save your time and verizon is 100 percent clueless. What an enjoyable IVR journey this has been. I have memorized verizons ticket escalations by kiosk codes and the wonderful jazz set while on hold haunts me in my sleep, or plays in my head frequently. Even started whistling the tune in the shower last week. Its terrible. Btw, This is strictly network end. You'll be hard pressed to find much of anything residing in your device.