This is not the first time that OnePlus has been accused of compromising privacy of its users.
The developer, with the help of few cybersecurity experts, was able to discover the password and was able to root a OnePlus device with few commands. However, it also holds a backdoor which is capable of root access, even if the device has not been unlocked.
Entering the password into the EngineerMode app provides permanent root access to the Android Debug Bridge process. Hopefully, that ends with an update that removes the app. But Elliot Alderson found that the tool could be exploited by hackers to gain root access to a device, essentially gaining backdoor access into it where they could then take over the phone.
The app, called EngineerMode, is not normally seen unless you ask to see the device's system apps.
Boy found in auto at Newport was hiding
Police, paramedics and fire brigade crews had all rushed to the scene, which is close to a primary school and childcare centre. Children being picked up from school and day care by their parents were shepherded away from the area by emergency responders.
Baptiste found that OnePlus was shipping devices with the Qualcomm EngineerMode app - which is used by device makers for testing and diagnostics - with its OxygenOS customised version of Google's Android operating system. The developer further added that he will publish an application for rooting OnePlus devices without unlocking. It is alarming how easily someone can get access to your smartphones in this day and age.
Robert Baptiste, a freelance security researcher who goes by the name Elliot Alderson on Twitter after the Mr. Robot TV show character, found the tool on a OnePlus phone and tweeted his findings Monday. OnePlus has been alerted to the exploit and CEO Carl Pei has confirmed that the company is looking into it.
Thanks for the heads up, we're looking into it. While the company eventually reversed course on the data collection, another discovery has been made in the software of OnePlus phones.