Researchers have demonstrated a way for the Rowhammer exploit, found previously in PCs, to be used on mobile devices...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
that are ARM-based. In fact, researchers say the exploit may be more effective on mobile devices. What is the issue with ARM, and how does it enable more effective Rowhammer attacks?
Hardware-based security vulnerabilities and attacks are not commonplace, but they do exist, and could provide access to an otherwise secure system.
Researchers from the Vrije Universiteit Amsterdam in the Netherlands and the University of California in Santa Barbara found that the Flip Feng Shui technique allows the Rowhammer hardware bug to be exploited by a deterministic Rowhammer, or Drammer, attack. Besides PCs and Android mobile devices using ARM processors, the deterministic Rowhammer attacks could extend to cloud services.
The issue with ARM is similar to problems faced by other hardware platforms using vulnerable dynamic RAM, even though the ARM platform is significantly different than devices running on the x86 processor. The ARM CPU uses RISC CPU architecture, and is less complex than the complex instruction set computing CPU architecture that x86 uses. ARM relies more on external memory than x86, since x86 CPUs have memory included in the chip.
Researchers were unsure if the memory access would be fast enough on ARM to be vulnerable to Rowhammer-style bugs. The researchers investigated how to access memory in different ways on Android, running as root initially, and then eventually establishing a way to do it via a nonprivileged user. The researchers could use the Drammer attack to manipulate data stored in RAM on vulnerable devices.
The researchers were able to demonstrate an example of how an attack would work: after getting a targeted user to open a malicious URL, the attacker chains Drammer to the Statefright exploit to get remote code execution, and then to gain root privileges.
The researchers released a Drammer test tool to test if your mobile device is vulnerable, but did not release the exploit code. Google has released patches to provide some protection from the attack, but those do not completely stop it.
The Drammer attack is low-risk, given the complexity of the bug and limited vulnerable devices. However, it could be used in a targeted attack.
Learn how to prevent Rowhammer bit flipping attacks
Find out the kinds of problems created by branded vulnerability marketing
Discover how data can be used to manage vulnerable software
Dig Deeper on Smartphone and PDA Viruses and Threats
Related Q&A from Nick Lewis
The SQL Slammer worm has re-emerged to attack a vulnerability in Microsoft SQL Server 2000. Expert Nick Lewis explains what enterprises can do to ...continue reading
The Fruitfly Mac malware has decades-old code, but has been conducting surveillance attacks for over two years without detection. Expert Nick Lewis ...continue reading
A Gmail phishing attack brought users to fake login pages designed to look like Google's. Expert Nick Lewis explains how users can prevent similar ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.