OnePlus accused of leaving a backdoor to give root access

It's possible to obtain root access on OnePlus phones without unlocking

Dubbed "EngineedMode", the app has been created by Qualcomm to most certainly test out hardware, but OnePlus has taken it to itself to tamper with the app, customize it, and preload it on a plethora of devices, including but not limited to the OnePlus 5, OnePlus 3, and OnePlus 3T.

The application is called "EngineerMode" and was developed by Qualcomm for factory testing. While that was deliberate, the company is again in the news for another problem with its devices, where a preloaded app can allow users to root their devices through a backdoor, without unlocking the bootloader.

Some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which reportedly acts as a backdoor, giving people root access without the need for unlocking the phone.

For owners of OnePlus devices who are curious to learn if the Engineer Mode app is installed on their device, it is possible to find the app by going to Settings, opening the Apps menu, tapping Menu, and Show System apps. Worse, the security software in the smartphone will fail to diagnose any such issue if the "superuser" has installed some high-tech malware in the system, notes First Post. "So it's not unsafe, it just means anybody with the password can plug your phone to a computer and take all your data".

The inclusion of the app appears to be an oversight on the part of OnePlus, and company founder Carl Pei said the team is looking into it. A malicious app or malware that is built around this loophole would potentially be able to target OnePlus devices and wreck havoc.

Thanks for the heads up, we're looking into it.

OnePlus' co-founder clarified that the company was collecting data to "better understand general phone behavior and optimize OxygenOS for a better overall user experience". At the time, OnePlus stated that the whole goal of collecting data was to improve the service.

Related News: