November 20, 2017

Another Dangerous App Found on “One Plus Phones” that Logs System Data

Just after a month after One Plus was caught collecting users phone data without their consent, a security researcher has found an app that records miscellaneous information on your phone.

A Twitter user with pseudonym Elliot Alderson found an app named OnePlusLogKit preinstalled in the One Plus device capable of recording tons of data. It is a system level application that can access a wide range of information such as Wi-Fi, NFC, Bluetooth, and GPS location logs, Modem signal and data logs, hot and power issue logs, list of the running processes, list of running service and battery status, media databases, including all your videos and images saved on the device.


Apparently, the OnePlusLogKit is disabled by default in the One Plus devices but it can be enabled by a hacker and can gain access to the information. A hacker can enable it by dialing  *#800# on the victims mobile ( a hacker needs physical access to the victims mobile in order to enable the onePlusLogKit). After enabling it, an app which can read data installed on your device can collect the data stored in “unencrypted in the /sdcard/oem_log/ folder” remotely.

Basically, the app is developed by the manufactures to log the events/activities to solve any system related problems but the information it collects can be easily misused by hackers. OnePlusLogKit is introduced in March 2015 in OxygenOS devices after the company dropped CynogenOS.


However, there are other apps on the phone that collect users information without consent. The same Elliot Alderson has discovered another dangerous app on One Plus called Engineer Mode which gives root access to the system when exploited. And it could get worse if an attacker has your phone in ADB mode and connect it to PC via USB. So, One Plus has promised to remove the Engineer mode on the One Plus devices through a software update.

A OnePlus spokesperson made a statement that “While it can enable adb root which provides privileges for adb commands, it will not let 3rd-party apps access full root privileges. Additionally, adb root is only accessible if USB debugging, which is off by default, is turned on, and any sort of root access would still require physical access to your device.”


Qualcomm, the SnapDragon chip maker which created the Engineer mode made a statement that “After an in-depth investigation, we have determined that the EngineerMode app in question was not authored by Qualcomm. Although remnants of some Qualcomm source code is evident, we believe that others built upon a past, similarly named Qualcomm testing app that was limited to displaying device information. EngineerMode no longer resembles the original code we provided.”

Not only this, even a month before a UK-based security researcher caught One Plus collecting users data through an domain.

Coming to the OnePlusLogKit, you can prevent your phone from being misused by enabling a Screen Lock PIN but not a Pattern lock. And don’t let any unknown persons handle your phone. However, an antivirus software wouldn’t do anything in this case.



About the author 


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}