
Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones

A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion.

Jon Sawyer (who also goes by jcase online) discovered the vulnerability at the end of August, and publicized it on his blog on Wednesday, a day after smartphone vendor Nextbit, which was one of the most heavily affected OEMs, released a fix for the problem.


According to Sawyer, Pork Explosion allows attackers that have physical access to an affected device to gain a root shell. The heart of the problem is a rogue fastboot command, which bypasses every authentication and security measure present and reboots the phone into a factory test mode.

Simply put, Sawyer said, this is a method that allows attackers to completely compromise an affected device over a USB connection, providing full access to the device’s data and offering the ability to unlock the bootloader without modifying user data.

“While it is obviously a debugging feature, it is a backdoor,” he wrote. “It isn’t something we should see in modern devices, and it is a sign of great neglect on Foxconn’s part.”

Not every Foxconn-made phone is affected – only those that use Foxconn’s own firmware. Sawyer said that vendors InFocus and Nextbit were definitely affected, and it’s probable that “many more” also have vulnerable devices.

Sawyer’s blog post also describes how to check whether a device is vulnerable to Pork Explosion, which requires a look at the Android internal partition table.

IDG News Service
