According to mobile security researcher Robert Baptiste-otherwise known by the pseudonym Elliot Alderson, a reference to the main character in the television series "Mr. Robot"-smartphones from OnePlus have for years contained a hidden backdoor that would allow root access to the device". However, it also holds a backdoor which is capable of root access, even if the device has not been unlocked.
Security researcher Robert Baptiste says the EngineerMode APK is made by Qualcomm and is meant to be used by factory staff to test phones for basic functionality before they are shipped out to the public.
Hackers who get hold of some OnePlus phones can get virtually unlimited access its files and software through use of an testing tool called called EngineerMode the company evidently left on phones.
Alderson, with the help of cybersecurity experts, was able to root a OnePlus device with a few commands. If this is set to "true", the app will allow root access over Android Debug Bridge, Android's command-line developer tools.
The Engineer Mode APK is capable of diagnosing Global Positioning System, run automated tests, check root status among other things.
The app, called EngineerMode, is not normally seen unless you ask to see the device's system apps.
You can also check if this application is installed on your OnePlus device or not. Check the name of native library used to check the code: door... However, carrying out such an attack would require physical access to the device-the hacker would need to have the smartphone in hand to hijack Engineer Mode and start doing damage. It should be a simple matter of just removing the APK in an update, but this will certainly put a damper on the launch of the OnePlus 5T, which comes out this week.
The discoverer of the app had a problem.
OnePlus did not immediately respond to a request for comment.