π

OnePlus 5: OxygenOS 5.0.1 OTA Update to Android 8 Re-Introduces the Backdoor

Show Sidebar

Update 2018-01-27: Evidence for theft of data through clipboard

A couple of monts ago, I wrote about my OnePlus 5 mobile which had a backdoor pre-installed. It was covered in tech media and people had to manually remove the backdoor software themselves.

Yesterday, I installed the OTA-update which brought Android 8 to my OnePlus 5 OxygenOS.

Fun thing: after downloading the 1.6GB update and starting the update process, my usually really stable WiFi router had an issue. This resulted in a non-functioning WiFi. Right after the first boot with OxygenOS 5.0.1 I had no WiFi connection. Unfortunately, I thought this is related to the update. However, it could be resolved by a router reboot.

Otherwise, the update went fine. However, I had to read that the backdoor I was mentioning before returned with a different app name. According to the article, EngineerMode is now called FactoryMode.

I had to disable the backdoor using the adb method again. In my case, the idProduct identifier changed with the update. This might apply to your side as well.

Theft of Secrets through Clipboard

There is evidence that the pre-installed software steals things like bank account numbers from your clipboard:

The @OnePlus #clipboard app contains a strange file called badword.txt 🤔

In these words, we can find: Chairman, Vice President, Deputy Director, Associate Professor, Deputy Heads, General, Private Message, shipping, Address, email, ...https://t.co/ePQvD1citn pic.twitter.com/3dCh0joVkH

— Elliot Alderson (@fs0c131y) January 25, 2018

If this is true, OnePlus is totally dead to me.


Related articles that link to this one:

Comment via email or via Disqus comments below: