WiFi mouse app contacting Chinese servers in background

In my efforts to track down a wake lock that was eating battery, I installed Network Log. I found s something a bit disturbing. WiFi Mouse by necta.us, an app in Google's app store to let your touchscreen act as a mouse, Would
A) not exit after pressing back and hitting "yes" to exit but rather,
B) continue secretly running, making occasional contact with various servers in China. Overnight it contacted 15 different IP address, all of them Whois showing as a variety of Chinese companies with different names and address blocks. Sometimes it would use port 80, usually 224, 226, 226, 227, 228, or 230. This would happen at least every 15 minutes and some of the transfsers were up to 9.7k in length. After exiting, none of the traffic was to my wifi mouse server application.
Some of the IP blocks included:

I understand there are legitimate reasons for an app to do this. Perhaps checking a license. But this is downright scary and excessive, especially since it continues after one "exits" the program.
My next step will be to install shark and take a look at the packets' contents.

In the meantime I wonder if anyone could help shed light on this.

Edit: installed es task manager to kill it, but it's not running. Somehow it's being signaled or on a timer. Next stop is systemcleanup to take a look at its activities and permissions in detail.
Edit 2: had to force stop it, it was running but not showing up in task manager. It's permissions include reading and modifying usb storage and of course full network access.

Show Accepted Answer

Guest Quick Reply (No URL, BBcode or HTML)

Last post by major68
1 hour ago
Last post by nikolaus.ericka
4 hours ago
Last post by casper.alexie
2 hours ago
Last post by slangosh
4 hours ago
Last post by labbott
2 hours ago
Last post by justen25
1 hour ago
Last post by uschinner
2 hours ago