OnePlus Left A Backdoor That Allows Root Access Without Unlocking Bootloader

Capturar

by Swati Khandelwal

November 13, 2017

Another terrible news for OnePlus users.

Just over a month after OnePlus was caught collecting personally identifiable information on its users, the Chinese smartphone company has been found leaving a backdoor on almost all OnePlus handsets.

A Twitter user, who goes by the name “Elliot Anderson” (named after Mr. Robot’s main character), discovereda backdoor (an exploit) in all OnePlus devices running OxygenOS that could allow anyone to obtain root access to the devices.

The application in question is “EngineerMode,” a diagnostic testing application made by Qualcomm for device manufacturers to easily test all hardware components of the device.

This APK comes pre-installed (accidentally left behind) on most OnePlus devices, including OnePlus 2, 3, 3T, and the newly-launched OnePlus 5. We can confirm its existence on the OnePlus 2, 3 and 5.

You can also check if this application is installed on your OnePlus device or not. For this, simply go to settings, open apps, enable show system apps from top right corner menu (three dots) and search for EngineerMode.APK in the list.

MORE: https://thehackernews.com/2017/11/oneplus-root-exploit.html

Mais do que uma solução tecnológica, somos uma decisão estratégica para as organizações.

Nossa missão é redefinir a relação das empresas com a cibersegurança e a experiência dos usuários no processo de autenticação e acesso a ativos tecnológicos.