[Update]: OnePlus Backdoor May Not Have Been Apocalyptic But It Sure Exposes the Company’s Security Processes

Since this morning, several reports have been circulating suggesting that OnePlus has been including a backdoor in its devices that can enable attackers to root the devices. It appears that OnePlus isn't alone in this asElliot Alderson, pseudonym of the security researcher who first spotted this backdoor, says that other Qualcomm based devices are also potentially affected.

Theapp in question is EngineerMode, which is designed by Qualcomm to be used in factories to perform several operations during the testing processes. It is expected of the OEMs to remove this app after the in-house testing. However, it has been discovered on various devices, including OnePlus 3, OnePlus 3T, OnePlus 5 ($499.99), and devices from Xiaomi, Motorola, and others. Alderson is currently collecting samples and wrote to Wccftech that "almost all brands have this APK: Motorola, Xiaomi, Oneplus, Oppo."

I have an ASUS Zenfone 3 Max and I have the Engineering Mode in my system apps as well.

— Pat ヽ(^。^)ノ (@pakwik) November 14, 2017

While it is unclear what other models are affected, OnePlus is currently getting a lot of heat because several users have confirmed seeing EngineerMode in various OnePlus phones. It's been only a month when the company was caught collecting personally identifiable data from its phone users. The company took quick action to these concerns at the time, however, it raised several eyebrows and the latest report will just add into the headaches for the Shenzhenbased Chinese smartphone company.

EngineerMode and what it can do

The series of tweets posted by the researcher suggest that the app can perform a number of intrusive actions, including the ability to root devices. It can diagnose GPS, check the root status, and do more.All of these functions are expected to be found in a diagnosis app that the engineers may need to test phones before they are shipped out. However, by potentially accidentally leaving this APK, the companies have left a backdoor for attackers to perform malicious functions and gain root access of the devices.

Here the Privilege class. Check the name of native library used to check the code: door... Ladies and Gentlemen please say hi to the backdoor made in @Qualcomm pic.twitter.com/ns0JI1nvWD

— Elliot Alderson (@fs0c131y) November 13, 2017

Alderson adds that the app can actually be used to root the device by launchingDiagEnabled function found in the APK. The researcher added that an attacker with physical access to the phone or malware installed on it only needs to run the following command to root the device:

adb shell am start -n com.android .engineeringmode/.qualcomm.DiagEnabled --es "CODE" "PASSWORD"

, where CODE = code and PASSWORD = angela

Other independent researchers have confirmed these findings and some are working on a proof of concept, however, neither Qualcomm nor OnePlus or other firms have responded to this yet. If you are worried your Android phone might have this backdoor too, you can confirm it by going toSettings>Apps>Menu>Show system apps.

We arereaching out to Qualcomm and OnePlus and will update this piece as we receive any comments.