A security hole was recently discovered in MetroPCS' ZTE Score M, allowing third parties the ability to control the device.
On May 10, a guest post on Pastebin included a hard-coded password for a root shell backdoor that would allow a hacker access to the Score M.
The post reads:
The ZTE Score M is an Android 2.3.4 (Gingerbread) phone available in the United States on MetroPCS, made by Chinese telecom ZTE Corporation.
There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device. Just give the … Read more