Hidden Backdoor Found in OnePlus Phones

A pre-installed application leaves users at risk.

OnePlus installs a certain application on their phones. This application is called EngineerMode and is used by the manufacturer for factory testing. Unfortunately, this application leaves a back door in the phone which leaves users at risk.

The vulnerability was found by Elliot Alderson who shared his findings on Twitter.

Alderson discovered that this app could, with the proper password, be used to root the device. With the help of a few others, the password was discovered, and root was obtained, by running just a few commands. Alderson promised to release an app soon that would enable users to root their phones.

I’m sure there are many in the rooting community that will appreciate this finding and rush to root their phones utilizing this method. But in reality, this should be seen as bad news for most users. Extremely bad news.

This method of root could easily be used in conjunction with a variety of other exploits in a malware attack. As we should all know by now, malware gaining root access to a device allows malware creators to do essentially anything they like with an infected device. From stealing information, to using the device to carry out tasks, without the owners knowledge, can be done once root access is achieved.

This app has been confirmed to be installed on the OnePlus 3, 3T, and 5 as well as the OxgenOS for OnePlus One.

OnePlus users need to be very careful with what they choose to install on their phones. Let’s hope that OnePlus does something quickly to protect their users.

OnePlus Logo

source: Android Police

 

Brad

BlackBerry Elite
Founder & Owner of UTB Blogs and UTB Geek.
When I’m not talking or writing about BlackBerry, you’ll find me using my BlackBerry.

  • NoSpamMcGee

    BlackBerry also leaves the EngineerMode app on their devices. You can load it up through ActivityLauncher. But I suppose it comes down to that flag being enabled in the app or not. Either way, the app itself isn’t uncommon.

    • Check the source for a more detailed explanation. It’s OnePlus’ method of utilization of the app which has created the back door.

Top