Saturday, 18 November 2017

OnePlus Users Should Beware Of Hackers, They Could Take Over Your Smartphone

Qualcomm had released an application which goes by the name EngineerMode. OnePlus, the company which is delivering some good quality smartphone at affordable prices seems to forget to remove the EngineerMode app from the devices.


For smartphone manufacturers, Qualcomm had released an application which goes by the name EngineerMode. This app lets user test the hardware component of the smartphone.

However, the app is meant for smartphone manufacturers and shouldn’t reach the public because this app gives root access to anyone without unlocking the bootloader, opening up a potential security breach.

OnePlus, the company which is delivering some good quality smartphone at affordable prices seems to forget to remove the EngineerMode app from the devices. As we already mentioned that the app is built to be used only during the testing of the device. Several users have found the EngineerMode installed on OnePlus 2, OnePlus 3, OnePlus 3T and OnePlus 5 smartphone.

Twitter user fs0C131y analyzed the EngineerMode app and found that one of the features of EngineerMode app is to release the root access, allowing hackers to make sophisticated attacks on the devices. With that hackers can install malware or spyware apps without user permissions.

Security Researcher, Elliot Alderson, analyzed the app and found that the app was actually hidden behind a password. However, the researchers are quick to crack the password and found that the password is “Angela”.

In return, OnePlus co-found Carl Pei has told that the company is looking into it 

 Thanks for the heads up, we’re looking into it.

OnePlus had also written a detailed Blogspot on the issue and states that it’s not a major security issue

EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after sales support. We’ve seen several statements by community developers that are worried because this apk grants root privileges. While, it can enable adb root which provides privileges for adb commands, it will not let 3rd-party apps access full root privileges.

Qualcomm had released an application which goes by the name EngineerMode. OnePlus, the company which is delivering some good quality smartphone at affordable prices seems to forget to remove the EngineerMode app from the devices.


For smartphone manufacturers, Qualcomm had released an application which goes by the name EngineerMode. This app lets user test the hardware component of the smartphone.

However, the app is meant for smartphone manufacturers and shouldn’t reach the public because this app gives root access to anyone without unlocking the bootloader, opening up a potential security breach.

OnePlus, the company which is delivering some good quality smartphone at affordable prices seems to forget to remove the EngineerMode app from the devices. As we already mentioned that the app is built to be used only during the testing of the device. Several users have found the EngineerMode installed on OnePlus 2, OnePlus 3, OnePlus 3T and OnePlus 5 smartphone.

Twitter user fs0C131y analyzed the EngineerMode app and found that one of the features of EngineerMode app is to release the root access, allowing hackers to make sophisticated attacks on the devices. With that hackers can install malware or spyware apps without user permissions.

Security Researcher, Elliot Alderson, analyzed the app and found that the app was actually hidden behind a password. However, the researchers are quick to crack the password and found that the password is “Angela”.

In return, OnePlus co-found Carl Pei has told that the company is looking into it 

 Thanks for the heads up, we’re looking into it.

OnePlus had also written a detailed Blogspot on the issue and states that it’s not a major security issue

EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after sales support. We’ve seen several statements by community developers that are worried because this apk grants root privileges. While, it can enable adb root which provides privileges for adb commands, it will not let 3rd-party apps access full root privileges.

No comments:

Post a Comment