FOSS apps contacts google IP addresses?

I noticed that virustotal detects that some FOSS apps have network communications with google IP addresses.
even though these apps don’t contain a single line of code that communicates with google.
This is an example app

and its virustotal check

A lot of apps have this behavior and I suspect some google opensource libraries like material design.

It could just be from the virtual system that they run the apps in or just from the strings found in it.

1 Like

This one doesn’t

It’s in Izzy repo ADB Tool Kits Installer - IzzyOnDroid F-Droid Repository

it doesn’t use a google library and it has INTERNET permission

Why would virustotal systems contact google IPs ?

Because they test the app in the Android Emulator that has a stock system with Google Services… and those contact Google.

The results are not “the app does X” but “the Android system with the app installed does X”.

You can easily test any app, get Netguard, set it to block all, allow some, install that app… look at server it connects to…

FYI: Virustotal is owned by Google

2 Likes