If you recently updated your version of SuperSU to 0.97, you may have noticed a random command requesting super user access. Continual prompts to grant root access to “mksh: ip route add 18.104.22.168/4 dev wlan0″ have been popping up on HTC Sense devices.
Interestingly enough, the command running is not a new thing – only that SuperSU is reporting it is. SuperSU, until 0.97 allowed shell and system processes root automatically.
The random command is run by a piece of software included in most if not all Sense 4.x ROMs be they stock or not.
At this time it’s unknown why a stock piece of software is attempting to run a command by calling SU to execute it.
Chainfire has a post (linked below) that explains in more details what has been found so far. The short of it is that the command itself is not malicious; there’s just no reason for a system level process to bother calling SU to accomplish it.
The only result of the finding so far is to know why you’re getting mksh requests, and that it’s probably not something to be too concerned about. Or maybe it’s HTC tracking rooted Sense users. But most likely just some piece of code left over.