Android Bitdefender Scam Alert Unifi Apps

retnuh
edited November 29 in Mobile Security

Direct relation to:

Since that post was closed out, I am reviving it. There has been several other posts and complaints about this.

I am fully willing and available to assist with providing any information needed regarding a solution to this issue.

I love BitDefender, my whole home network is Unifi equipment, I have several servers, vm's, and multiple host items that I get notified for.

Primary issue is the Unifi Networks app on Android when I get notifications from 'Intrusion Detected and Blocked' as the title, and then in the description of the notification in the notifications section has the IP Address of where the intrusion is from. Ex: "A network intrusion attempt from 147.185.132.106 has been detected and blocked." is my current notification. This causes BitDefender pop up to come up and darken my screen to say it saw the 'threat'. This is 1 - annoying, and 2 - a danger especially when I am riding my motorcyle and using my phone for navigation. It's a non issue in my car because I have android auto, but those with cars without android auto or similar would also have this issue of being unable to interact with their phone (music, maps, google, etc) until they close the BitDefender alert.

Why is there no way at all to either have BitDefender have the option to exclude an app from this Scam Alert feature, a way to not mark my phone as in secure if I turn off the Scam Alert feature, or have it not pop up and notify me of these 'Scam Alerts' that block access to me using my unlocked phone? The only thing BitDefender has notified me about when I use this feature, is my alerts from my Unifi equipment, that has already blocked the threat.

App URL: https://play.google.com/store/apps/details?id=com.ubnt.easyunifi&pcampaignid=web_share

Related Ubiquiti article with exact screenshots of the issue: https://community.ui.com/questions/Unifi-app-bit-defender/8b966067-d2dd-4ab2-b74e-7d835816a839

Answers

  • Flexx
    Flexx mod
    edited November 9

    The detection by Bitdefender seems to be accurate, as shown in the VirusTotal link below. In addition to antimalware vendors, several IP blacklist vendors on VirusTotal also detect the shared IP as abused.

    https://www.virustotal.com/gui/url/1b8379cb1ca9ef1aeef79b57b087d12dfed2adcf08d5effc5bfadffecfc7bc47?nocache=1

    You can also see that many well-known IP vendors have detected the shared IP as abusive, as stated in the link below.

    https://www.abuseipdb.com/check/147.185.132.106

    https://www.ipvoid.com/ip-blacklist-check/ - Enter the IP and check

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • The post is closed for further comments.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

This discussion has been closed.