A few weeks ago we published an article which explained how OnePlus devices were collecting personally identifiable user data and sending it to their data centers. While the public outcry after the finding made OnePlus to reverse its course on data-collection, the incident did malign the image of an otherwise very popular company. Well, today some more findings have been revealed by an independent developer which puts another question mark on the OnePlus device’s security status. The developer who goes by the name of “Elliot Alderson” on Twitter revealed his findings in a series of tweets.
General Trivia: Elliot Alderson is the name of lead character of Mr. Robot, who is a software engineer by day, and and a vigilante hacker by night.
The security flaw essentially has left a backdoor in every OnePlus device running on Oxygen OS including the OnePlus 3, 3T, and 5. This exploit can be used by someone to gain root access to your device. The tweets explained that OnePlus left in place a diagnostic testing application which can be easily exploited to grant root access, effectively acting as a backdoor. The application is called “EngineerMode” which is used in factories during the production process to test and confirm that the device is working properly. However, this app is not supposed to be inside devices which are being sold to the public.
<Thread> Hey @OnePlus! I don't think this EngineerMode APK must be in an user build…🤦♂️
This app is a system app made by @Qualcomm and customised by @OnePlus. It's used by the operator in the factory to test the devices. pic.twitter.com/lCV5euYiO6— Baptiste Robert (@fs0c131y) November 13, 2017
While you might think this is a good news for the rooting community, actually it’s not, because the backdoor allows for the rooting of device without even unlocking the bootloader on the phone, essentially turning this into an exploit with a huge security risk. This means anybody can make an application, which when you install on your device, can gain root access to your device and send your private and personal information to the hacker.
So yes, if you send the command: adb shell am start -n https://t.co/yYfeX14Ioj.engineeringmode/.qualcomm.DiagEnabled –es "code" "password" with the correct code you can become root!
— Baptiste Robert (@fs0c131y) November 13, 2017
Although, the chances that someone has already used this exploit to gain root accesses to OnePlus devices is very minimal, since the exploit is out in the open right now, you should refrain from downloading and installing any shady apps till the exploit is patched by the OnePlus. A good news is that OnePlus CEO Carl Pei has responded on Twitter and said that the OnePlus team is looking into this, and hence we should expect the patch to be released soon.
https://twitter.com/getpeid/status/930197107255992321
