Oh dear. Hot on the heels of the EngineerMode APK that was discovered and could make it very easy to root OnePlus devices, the same security researcher has found another app that dumps tons of info about your phone. The app in question is called OnePlusLogKit and it’s a system-level application that can dump your wifi logs, NFC logs, and even your GPS logs.
<Thread> Hi @Oneplus 👋! Remember me? Let's talk about another debug app you left in your device.
OnePlusLogKit is a system application which allow you to do a multitude of things: get wifi logs, nfc logs, gps logs pic.twitter.com/HvnErm8rXg
— Elliot Alderson (@fs0c131y) November 15, 2017
The app can also see a list of currently running processes and services, battery statistics and more. It’s likely designed to help OnePlus diagnose faulty devices, but the sheer amount of information collected here could be used for nefarious purposes. For example, banking trojans often check for processes running on a device in order to run a phishing overlay when the user opens their banking app.
What’s most egregious about this is that the app dumps these files to the phone’s SD card for easy pickup. By entering *#800# on the phone’s dialpad, you can enable OnePlusLogKit which presents a serious security threat. Hackers targetting those with the device could create an APK to enable the logging feature and collect the unencrypted logs, or they could use social engineering to get the owner of the device to do it themselves.
OnePlus has yet to address this new issue, despite the Mr. Robot-themed security researcher bringing this to their attention in the first tweet that you see above. Qualcomm recently responded to allegations that the EngineerMode APK was their app by admitting that there are traces of code from their original app, but that the current APK found on devices has been modified by someone else.