Menu
Menu
Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones

Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones

A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and BBQ enthusiast who dubbed the vulnerability Pork Explosion.

A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion.

Jon Sawyer (who also goes by jcase online) discovered the vulnerability at the end of August, and publicized it on his blog on Wednesday, a day after smartphone vendor Nextbit, which was one of the most heavily affected OEMs, released a fix for the problem.

+ALSO ON NETWORK WORLD: Hardcore fans mourn the death of Nexus by denouncing the Pixel + Darkweb marketplaces can get you more than just spam and phish

According to Sawyer, Pork Explosion allows attackers that have physical access to an affected device to gain a root shell. The heart of the problem is a rogue fastboot command, which bypasses every authentication and security measure present and reboots the phone into a factory test mode.

Simply put, Sawyer said, this is a method that allows attackers to completely compromise an affected device over a USB connection, providing full access to the device’s data and offering the ability to unlock the bootloader without modifying user data.

“While it is obviously a debugging feature, it is a backdoor,” he wrote. “It isn’t something we should see in modern devices, and it is a sign of great neglect on Foxconn’s part.”

Not every Foxconn-made phone is affected – only those that use Foxconn’s own firmware. Sawyer said that vendors InFocus and Nextbit were definitely affected, and it’s probable that “many more” also have vulnerable devices.

Sawyer’s blog post also describes how to check whether a device is vulnerable to Pork Explosion, which requires a look at the Android internal partition table.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the CIO newsletter!

Error: Please check your email address.

More about Foxconn

Show Comments
Computerworld
ARN
Techworld
CMO