A new report released by cybersecurity researchers from eight universities and a handful of private firms revealed a new Android vulnerability called RAMpage. Almost every Android phones released since 2012 is vulnerable. Here’s what you need to know!

The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack.

Rowhammer is a hardware bug in modern memory cards. A few years back researchers discovered that when someone would send repeated write/read requests to the same row of memory cells, the write/read operations would create an electrical field that would alter data stored on nearby memory.

In the following years, researchers discovered that Rowhammer-like attacks affected personal computers, virtual machines, and Android devices. Through further researcher, they also found they could execute Rowhammer attacks via JavaScript code, GPU cards, and network packets.

RAMpage is the latest Rowhammer attack variation

The first Rowhammer attack on Android devices was named DRammer, and it could modify data on Android devices and root Android smartphones. Today, researchers expanded on that initial work.

According to a research paper published today, a team of eight academics from three universities and two private companies revealed a new Rowhammer-like attack on Android devices named RAMpage.

“RAMpage breaks the most fundamental isolation between user applications and the operating system,” researchers said. “While apps are typically not permitted to read data from other apps, a malicious program can craft a RAMpage exploit to get administrative control and get hold of secrets stored in the device.”

“This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents,” the research team said.

 

Source: BleepingComputer

RAMpage Website

Share This