A potentially risky backdoor in multiple OnePlus devices has been just unearthed by a knowing developer, revealing a hidden app that can be potentially used to gain root access and take control over the device. According to Android Police, the app is installed on the OnePlus 3, OnePlus 3T, and OnePlus 5. The app, developed by Qualcomm, has been essentially designed for OEMs to test hardware components or diagnostic tests on device. According to Alderson, the app is installed on some of the OnePlus devices. The app has the ability to diagnose Global Positioning System, check root status and perform a series of tests. "There's an activity - dubbed 'DiagEnabled" - associated with this app, which if launched with the correct password will give you the root access.
Getting root access to a smartphone allows a hacker to access "superuser" mode, making it extremely easy to inject malware with surveillance capabilities.
Root implies to the highest degree of access to an Android operating system that is usually deployed to safeguard the privacy of the user.
Just a month ago, OnePlus was caught collecting personally identifiable data from phone owners through incredibly detailed analytics.
Alderson, with the help of cybersecurity experts, was able to root a OnePlus device with a few commands. It looks like the Chinese smartphone company has accidentally left behind the app on some of its smartphone units.
Cut-off date set to spend old £10 notes
The new tenner is the first Bank of England note with a tactile feature to help blind and partially-sighted users. Old notes can still be spent ahead of this date and you can exchange them at the Bank once this point has passed.
For its part, OnePlus has confirmed that the company is looking into the claims made by the developer.
Will it affect OnePlus 5T sales?
Unlike the user data collection issue, this new PR headache might not be entirely OnePlus's fault.
OnePlus has recently accused of collecting a vast amount of sensitive private data from users' smartphones in the past and now, the company has been blamed for leaving a backdoor on its devices that is capable of granting root access.