Recently, a pre-installed rooting app was found in OnePlus devices which allows root permission without unlocking bootloader. Now again a pre-installed app dubbed as ‘Onepluslogkit’ is found in OnePlus devices which collects lots of information from OnePlus devices. Onepluslogkit is discovered by the same security researcher who found the ‘EngineerMode’ app in OnePlus devices.
Onepluslogkit is a system level application which captures device information including
- Wi-Fi, NFC, Bluetooth, and GPS location logs
- Modem signal and data logs, hot and power issue logs
- List of the running processes, list of running service and battery status
- Media databases, including all your videos and images saved on the device
This information capturing app is set to disabled by default and attacker requires access on target device to enable it. With physical access to the OnePlus device it’s easy to enable the App just by using a call code “*#800#” then open “Onepluslogkit” and enable “save log” option. Attackers can also enable this option by using Social Engineering and tricking the Oneplus user.
After enabling, it starts collecting information remotely without user interaction. Whenever you install new apps and this log information get stored in /sdcard/oem log/ folder.
Onepluslogkit app is developed for manufactures to diagnose the system issues from log event/activities and the amount of information collected is enough for use in nefarious purposes.
If you want to keep your information safe, always install trusted application, avoid spam webpages and apps.