OnePlus’ unusual invite system for purchasing its smartphones is not exactly popular with its fans. Jake Cooper grew frustrated at watching his place in the queue rapidly drop as people began inviting more friends to buy the phone; and then decided to see if there was anything he could do to outwit the system.
Cooper had originally secured an invite to buy the upcoming OnePlus 2 early, which provided him with a position around 9000 in the queue. However, as more referrals happened, his place dropped to below 70,000. Deciding that the game was on, he wrote a script that would send his referral link to dummy email addresses and subsequently automated the confirmation process.
The plan worked and he managed to skip from below 70,000 to an impressive 1,694. Cooper claims that this overshot is original target in the queue because he got up to get more tea.
OnePlus has already patched the vulnerability as Cooper was polite enough to inform the company. Ensuring that nobody else will be able to use the same exploit. However, he also discovered a better exploit to jump the OnePlus 2 invite queue; but this time used a dummy email for his proof of concept.
One Plus has acknowledged Cooper’s efforts to bring the problem to their attention, although it is unknown if they are referring exploits or just the first one. However, the company has said that it is monitoring the invite list for such behaviour, and will comb the list for fraudulent entries before the final invites go out.
[Source: Medium 1, 2; OnePlus]
