OnePlus preinstalls app that can be used as a backdoor

Doris Richards
November 14, 2017

The dust has barely settled on OnePlus' private data collection issue, and already a new challenge has cropped up for the company.

Some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which reportedly acts as a backdoor, giving people root access without the need for unlocking the phone.

On the one hand, it does mean that it will be dead simple to root those three OnePlus phones without even having to unlock the bootloader. The app in question is EngineerMode APK, and it has been developed by Qualcomm for the device manufacturers to test hardware components.

A developer recently discovered that an app installed on OnePlus devices (OnePlus 3, 3T, 5 according to Android Police) called "EngineerMode".

The Engineer Mode APK is capable of diagnosing Global Positioning System, run automated tests, check root status among other things. OnePlus devices could be rooted on launching "DiagEnabled" activity in the APK with a specified password that was found by decompiling "" with the help of a few cyber-security experts. It is alarming how easily someone can get access to your smartphones in this day and age. Speaking to Hindustan Times, Alderson said, "This loophole is a backdoor". The app gives unprecedented access to a host of security-sensitive features of your phone, with the worst offender being the "all clear" command, which would erase all data on the phone, internal storage and all. However, it can be exploited to enable backdoor rooting. OnePlus co-founder Carl Pei tweeted that the company will study the claims made by the developer, according to The Mobile Indian. It looks like the Chinese smartphone company has accidentally left behind the app on some of its smartphone units.

Thanks for the heads up, we're looking into it. But the team proved it can be done without a whole lot effort, which in turn leaves a lot of OnePlus devices vulnerable.

Other reports by Iphone Fresh

Discuss This Article