The OnePlus Saga Continues…
Just a day after the revelation of the hidden Android rooting backdoor pre-installed on most OnePlus smartphones, a security researcher just found another secret app that records tons of information about your phone.
Dubbed OnePlusLogKit, the second pre-installed has been discovered by the same Twitter user who goes by the pseudonym “Elliot Alderson” and discovered the controversial “EngineerMode” diagnostic testing application that could be used to root OnePlus devices without unlocking the bootloader.
OnePlusLogKit is a system-level application that is capable of capturing a multitude of things from OnePlus smartphones, including:
- Wi-Fi, NFC, Bluetooth, and GPS location logs,
- Modem signal and data logs, hot and power issue logs,
- list of the running processes, list of running service and battery status,
- media databases, including all your videos and images saved on the device.
Unlike EngineerMode (which was found on devices by several manufacturers including HTC, Samsung, LG, Sony, Huawei, and Motorola), the OnePlusLogKit application (decompiled APK) most certainly is present only in OnePlus devices.
Since OnePlusLogKit is disabled by default, the attacker would require access to the victim’s smartphone to enable it.
With the physical access to the targeted smartphone, one can quickly enable it by dialing *#800# → “oneplus Logkit” → enable “save log,” or one can use social engineering to get the owner of the device to do it themselves.
Once enabled, any other application installed on your device can collect the logged information (stored unencrypted in the /sdcard/oem_log/ folder) remotely without requiring user interaction.
Although the app in question has been designed for device manufacturers and engineers to log the events/activities to diagnose system issues, the amount of information collected here could also be used for nefarious purposes.