If you are using OnePlus 5, 3 or its 3T model, an IT security researcher Elliot Alderson (whose real name is Robert Baptiste) has bad news for you. The researcher has discovered that all three of its top models are being sold with a pre-installed application that can be exploited to grant a backdoor root access to an attacker.
According to tweets sent out by Baptiste, the application called ‘EngineerMode’ comes pre-installed on all OnePlus including OxygenOS for OnePlus One. ‘EngineerMode’ was developed by Qualcomm, the same company who was previously in the news when its chipsets were found vulnerable to QuadRooter attack and affected millions of Android devices including OnePlus 1, 2 and 3.
“Hey @OnePlus! I don’t think this EngineerMode APK must be in a user build…?♂️ This app is a system app made by @Qualcomm and customised by @OnePlus. It’s used by the operator in the factory to test the devices,” tweeted Baptiste.
<Thread> Hey @OnePlus! I don’t think this EngineerMode APK must be in an user build…?♂️
This app is a system app made by @Qualcomm and customised by @OnePlus. It’s used by the operator in the factory to test the devices. pic.twitter.com/lCV5euYiO6
— Elliot Alderson (@fs0c131y) November 13, 2017
The purpose of developing EngineerMode application according to Baptiste was for factory testing, but it turned out either OnePlus forgot to remove the app or left it inside the operating system intentionally. This is just like having a backdoor on your device that can be used by an attacker not only to steal personal data but also to spy on a targeted user and gain admin privileges on their device.
Furthermore, Baptiste discovered that a targeted device could be rooted once ‘DiagEnabled’ activity is launched in the APK with a specified password. “He decompiled the library responsible for generating the password (called libdoor.so) and found where the password hash was located,” reported XDADevelopers.
Now, that the news has gone viral it poses a massive security and privacy threat to all OnePlus users since attackers might dig up their way and access the vulnerable devices. At the same time, OnePlus is investigating the issue and seems like the company didn’t know about the presence of EngineerMode app on their devices.
To find if your phone has the EngineerMode app open Settings -> Apps -> Menu -> Show system apps and search if the app is on the list.
Once again this app is a system app made by @Qualcomm. So possibly a lot of @Qualcomm based phones are affected. Can you open Settings -> Apps -> Menu -> Show system apps and search EngineerMode in the list to check? If you find the app reply to this tweet with your device model
— Baptiste Robert (@fs0c131y) November 14, 2017
However, the good news for all OnePlus users is that Baptiste is planning to release an app on Google Play Store that will allow users to root their OnePlus device.
This is not the first time when OnePlus is in the news for all the wrong reasons. In July this year, a Redditor from Seattle, United States shared a video evidence showing that whenever he dialed the emergency telephone number 911, his Android-based OnePlus 5 (OP5) smartphone rebooted itself for no apparent reason.
OnePlus plus users stay tuned, this article will be updated once Baptiste shares the link to his app on Play Store.