Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones

A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion.

Jon Sawyer (who also goes by jcase online) discovered the vulnerability at the end of August, and publicized it on his blog on Wednesday, a day after smartphone vendor Nextbit, which was one of the most heavily affected OEMs, released a fix for the problem.

+ALSO ON NETWORK WORLD: Hardcore fans mourn the death of Nexus by denouncing the Pixel + Darkweb marketplaces can get you more than just spam and phish

According to Sawyer, Pork Explosion allows attackers that have physical access to an affected device to gain a root shell. The heart of the problem is a rogue fastboot command, which bypasses every authentication and security measure present and reboots the phone into a factory test mode.

Simply put, Sawyer said, this is a method that allows attackers to completely compromise an affected device over a USB connection, providing full access to the device’s data and offering the ability to unlock the bootloader without modifying user data.

“While it is obviously a debugging feature, it is a backdoor,” he wrote. “It isn’t something we should see in modern devices, and it is a sign of great neglect on Foxconn’s part.”

Not every Foxconn-made phone is affected – only those that use Foxconn’s own firmware. Sawyer said that vendors InFocus and Nextbit were definitely affected, and it’s probable that “many more” also have vulnerable devices.

Sawyer’s blog post also describes how to check whether a device is vulnerable to Pork Explosion, which requires a look at the Android internal partition table.

IDG Insider


« Azure roundup: FPGAs, new VMs and fresh Europe regions


White House releases money for small-satellite broadband, smart cities »
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail


Do you think your smartphone is making you a workaholic?