Your OnePlus Device Is Prone To Hacking

Adjust Comment Print

Earlier this year BLU was revealed to have some serious security concerns, and even OnePlus has had issues revealed.

The application in question is EngineerMode, in which its goal is to test Qualcomm processors easily.

"If you have an OnePlus device, I'm pretty sure you have this app pre-installed".

According to one developer named as Elliot Alderson, OnePlus has an application called as "EngineerMode", which is basically used to check whether the unit is working properly or not in the factory.

Root access was still hidden behind a password, but once that was cracked, that developer was able to obtain root access on the phone. It's been discovered that a testing app has been left on many OnePlus devices, creating a backdoor that bypasses the need to unlock the bootloader to get root-level access.

Alderson said that he would publish an app soon to allow users to simply gain root access to their devices. With root access, an attacker could change just about anything about the device's software. Furthermore, there was a hint to an "AngelaRoot" mode embedded in the APK itself.

Versions of Engineer Mode were also found on a handful of other devices, including smartphones from Motorola, Xiaomi, Lenovo and Oppo. The application is present in all OnePlus devices including 3, 3T and 5. Check the name of native library used to check the code: door...

This app is a system app made by @Qualcomm and customised by @OnePlus. Later, Pei confirmed in a blog post that OnePlus it will scale back on data collection on its devices. If it was overlooked, it is likely the upcoming 5T would have it also, which would necessitate removing the app before the device ships on November 16.

The discoverer of the app had a problem.

In a statement to Android Authority, OnePlus said "We securely transmit analytics in two different streams over HTTPS to an Amazon server".