Researchers See Rowhammer-Based Exploits Still Possible in Android

Rowhammer-based threat: a new threat for phones

With technology come threats of hacking and exploitation too. The two go hand in hand: no system is completely free from bugs, threats of hacking or other compromise of data. When one threat is removed another crops up in its place, and the same goes for this one. An upgraded version of Rowhammer has been discovered, called RAMpage.

This new version of Rowhammer takes advantage of the data in a phone and gives malicious applications full control of a device’s data. Normally no app can take data from another without the user’s permission, but in this case that rule does not apply.

More about the Rowhammer variant:

As mentioned earlier, apps cannot get access to data held by other apps without permission, but in this Rowhammer case bad apps use the RAMpage exploit to get access to information stored in other apps on the device, such as your passwords and other personal information that is supposed to be confidential.

Researchers are calling this new version of Rowhammer RAMpage, and for good reason: the exploit involves ramming memory pages in order to gain temporary access to data.

RAMpage stems from Rowhammer, which is not an exploit in and of itself. Rowhammer is basically a hardware problem, an issue in the hardware that affects a computer’s RAM. It was first discovered by researchers in 2015.

What really is Rowhammer?

Rowhammer is an unintended side effect that affects a system’s dynamic random access memory, or DRAM for short. It causes the memory cells to leak charge and interact with one another.

The name comes from the exploit, which involves hammering at a row of memory cells to get electromagnetic interference in adjacent rows, thus gaining access to data in a way that was not intended.

When the memory rows are hammered a thousand times a second, the bits flip, turning 0s into 1s and vice versa.
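
The disturbance effect described above, as a toy simulation (an added example, not from the original article or from the researchers): one row is opened repeatedly and cells in the two adjacent rows lose charge until their bits flip. The grid size, charge units, leak rates and the periodic refresh step are constructed assumptions, and this model only flips 1 to 0.

```python
# Toy model of DRAM disturbance errors. Every constant here is a constructed
# assumption for illustration, not a measurement of any real memory chip.
ROWS, COLS = 8, 16
FULL_CHARGE = 1000      # charge units held by a freshly refreshed cell
AGGRESSOR = 3           # the row that is opened ("hammered") over and over


def leak_rate(row, col):
    """Charge a cell loses each time a neighbouring row is opened.
    Constructed pattern: about one cell in seven is weak and leaks 3x faster."""
    return 3 if (row * 5 + col) % 7 == 0 else 1


def count_flips(activations_per_refresh, refresh_windows=1):
    """Hammer AGGRESSOR and return how many bits in the whole array flipped."""
    bits = [[1] * COLS for _ in range(ROWS)]            # every cell stores 1
    charge = [[FULL_CHARGE] * COLS for _ in range(ROWS)]

    for _ in range(refresh_windows):
        for _ in range(activations_per_refresh):
            # Opening the aggressor disturbs only the rows directly next to it.
            for victim in (AGGRESSOR - 1, AGGRESSOR + 1):
                for col in range(COLS):
                    charge[victim][col] -= leak_rate(victim, col)
                    if charge[victim][col] <= 0:
                        bits[victim][col] = 0           # disturbance error
        # Refresh recharges cells that still hold their value. A cell that
        # already flipped keeps the wrong value: refresh does not repair it.
        for r in range(ROWS):
            for c in range(COLS):
                if bits[r][c] == 1:
                    charge[r][c] = FULL_CHARGE

    return sum(row.count(0) for row in bits)


if __name__ == "__main__":
    for per_window, windows in [(300, 4), (334, 1), (1200, 1)]:
        flips = count_flips(per_window, windows)
        print(f"{per_window} activations x {windows} window(s): {flips} flipped bits")
```

Spreading the same 1,200 activations over four refresh windows produces no flips in this model, while packing them into one window flips every cell in both neighbouring rows; only the weak cells flip at 334 activations.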

What action was taken regarding Rowhammer:

Google acted on this problem by making changes to the ION memory manager, a universal memory management system that Google added to Android. The changes made to ION restricted access to physically contiguous kernel memory.

Coming back to RAMpage:

RAMpage involves someone exploiting ION by using a write and refresh request on the device’s RAM to flip a bit in a nearby memory row. This then allows an app to gain access to data in other apps.

What devices are affected?

Android devices shipped with LPDDR2, LPDDR3 or LPDDR4 memory are susceptible to the RAMpage exploit.

What steps are being taken to take control of the RAMpage situation?

Researchers at Vrije Universiteit in Amsterdam are working closely with Google to come up with a solution to Rowhammer’s variant, RAMpage.

According to Google, they are working with the researchers and believe that this problem won’t affect the majority of their users, but in spite of that they are determined to protect the users who are affected by the issue.

The author FileEdge