Pre-installed App on OnePlus devices Collects System logs
OnePlus users face security dilemma yet again as debug app left behind is found to collect system stats.
OnePlus seems to be in a bad run of security incidents recently.
The company was first caught collecting extensive user data and leaving behind a backdoor allowing root access. Soon after the revelation of this pre-installed backdoor, another “secret” app has been unearthed that records substantial phone logs.
OnePlusLogKit, another pre-installed system-level debug application can capture system stats and information, and stores them in an unencrypted log file.
Behind the discovery is a Twitter user, going by the name “Elliot Alderson” (incidentally the main character of drama–thriller TV series Mr. Robot), who also discovered the backdoor EngineerMode. All decompiled source codes were made available by the researcher on GitHub, encouraging others to hunt for anything interesting.
- Wi-Fi, NFC, Bluetooth, and GPS location logs,
- Modem signal and data logs, hot and power issue logs,
- list of the current running processes, services and battery status,
- media databases, including personal videos and images saved on the device.
Since the app is system-level, it is possible for users to root their phone and remove the apps. Rooting your OnePlus phone is now as simple as installing an app, AngelaRoot and following the instructions on Github.
Moreover, OnePlusLogKit should not be a widespread threat, as it requires an attacker to physically access the device to activate it.
Besides these two factory apps left on OnePlus devices, the company was also accused of collecting user telemetry without anonymizing data, an issue that could allow OnePlus to track individual users. Cyber-security firm Aleph Research also discovered that some OnePlus devices are vulnerable to OS downgrade attacks, allowing attackers to roll back OnePlus operating systems to previous vulnerable versions.