- Jul 22, 2014
- 2,525
A security researcher has found a second factory app that was included on OnePlus devices delivered to customers, and this one can be abused to dump the user's photos and videos, but also GPS, WiFi, Bluetooth, and various other logs.
Discovered by a mobile security researcher who goes online by the pseudonym of Elliot Alderson —the name of the main character in the Mr. Robot TV series— this app's name is OnePlusLogKit and is an application that comes preinstalled on OnePlus devices, also running with system privileges.
The same security researcher found a similar OnePlus factory app yesterday. That app, named EngineerMode, allowed a user or malicious threat actor to root devices.
Debug app provides easy access to a bunch of OnePlus logs
According to a series of tweets and screenshots of the app's source code the researcher published online today, this second app has the ability to enable logging of various phone services, logs which it saves on the phone's SD card.
This is a big security issue, Alderson told Bleeping Computer in a private conversation. An attacker can enable the logging behavior in three ways and then steal the collected logs as they pile up.
OnePlusLogKit logging can be enabled by entering *#800# via the phone's dial pad. This brings up the app's interface where various logging features can be turned on or off.
An attacker with physical access to the device can enable the logging and collect the logs at a later date. In addition, attackers could use social engineering and trick users into enabling the logging themselves and later sending over the log files.
Last but not least, an attacker can use malware to enable logging and data collection programmatically.
"You don't need to be root here," the researcher said. "The log files are stored in the SD card. So if an app has the permission to read the SD card, it can access the logs."
No good reason why this app is on customer devices
....
Discovered by a mobile security researcher who goes online by the pseudonym of Elliot Alderson —the name of the main character in the Mr. Robot TV series— this app's name is OnePlusLogKit and is an application that comes preinstalled on OnePlus devices, also running with system privileges.
The same security researcher found a similar OnePlus factory app yesterday. That app, named EngineerMode, allowed a user or malicious threat actor to root devices.
Debug app provides easy access to a bunch of OnePlus logs
According to a series of tweets and screenshots of the app's source code the researcher published online today, this second app has the ability to enable logging of various phone services, logs which it saves on the phone's SD card.
This is a big security issue, Alderson told Bleeping Computer in a private conversation. An attacker can enable the logging behavior in three ways and then steal the collected logs as they pile up.
OnePlusLogKit logging can be enabled by entering *#800# via the phone's dial pad. This brings up the app's interface where various logging features can be turned on or off.
An attacker with physical access to the device can enable the logging and collect the logs at a later date. In addition, attackers could use social engineering and trick users into enabling the logging themselves and later sending over the log files.
Last but not least, an attacker can use malware to enable logging and data collection programmatically.
"You don't need to be root here," the researcher said. "The log files are stored in the SD card. So if an app has the permission to read the SD card, it can access the logs."
No good reason why this app is on customer devices
....
