Smartphones with Qualcomm chips were found to send private user information, including IP address, unique ID, mobile country code, back to the U.S. chipmaker, according to a report by the German security company Nitrokey first released on April 25.
Nitrokey tested with a Sony Xperia XA2 smartphone. [...] No SIM-card was inserted in the phone, nor was the GPS location service turned on. The device can only access the internet through WiFi. The company monitored the data with Wireshark, a network traffic software, and found that the data will be transmitted to izatcloud.net server, which attributes to Qualcomm.
The report said the data packages were "sent via the HTTP protocol and are not encrypted using HTTPS, SSL or TLS," making them vulnerable to attacks as anyone accessible to the network "can easily spy on us by collecting this data, store them, and establish a record history using the phone's unique ID and serial number Qualcomm is sending over to their mysteriously called Izat Cloud."
It sent the data via WiFi.
Hm, I have an Xperia 5 IV but don't see any logs in my pihole to that domain. Wonder how frequently that sort of activity is happening