Researchers have demonstrated a way for the Rowhammer exploit, found previously in PCs, to be used on mobile devices...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
that are ARM-based. In fact, researchers say the exploit may be more effective on mobile devices. What is the issue with ARM, and how does it enable more effective Rowhammer attacks?
Hardware-based security vulnerabilities and attacks are not commonplace, but they do exist, and could provide access to an otherwise secure system.
Researchers from the Vrije Universiteit Amsterdam in the Netherlands and the University of California in Santa Barbara found that the Flip Feng Shui technique allows the Rowhammer hardware bug to be exploited by a deterministic Rowhammer, or Drammer, attack. Besides PCs and Android mobile devices using ARM processors, the deterministic Rowhammer attacks could extend to cloud services.
How the Drammer attack impacts ARM devices
The issue with ARM is similar to problems faced by other hardware platforms using vulnerable dynamic RAM, even though the ARM platform is significantly different than devices running on the x86 processor. The ARM CPU uses RISC CPU architecture, and is less complex than the complex instruction set computing CPU architecture that x86 uses. ARM relies more on external memory than x86, since x86 CPUs have memory included in the chip.
Researchers were unsure if the memory access would be fast enough on ARM to be vulnerable to Rowhammer-style bugs. The researchers investigated how to access memory in different ways on Android, running as root initially, and then eventually establishing a way to do it via a nonprivileged user. The researchers could use the Drammer attack to manipulate data stored in RAM on vulnerable devices.
The researchers were able to demonstrate an example of how a Drammer attack would work: after getting a targeted user to open a malicious URL, the attacker chains Drammer to the Statefright exploit to get remote code execution, and then to gain root privileges.
The researchers released a Drammer test tool to test if your mobile device is vulnerable, but did not release the exploit code. Google has released patches to provide some protection from the attack, but those do not completely stop it.
The Drammer attack is low-risk, given the complexity of the bug and limited vulnerable devices. However, it could be used in a targeted attack.
Learn how to prevent Rowhammer bit flipping attacks
Find out the kinds of problems created by branded vulnerability marketing
Discover how data can be used to manage vulnerable software
Dig Deeper on Information security threats
Related Q&A from Nick Lewis
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from ...continue reading
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it ...continue reading
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.