New RAMpage exploit revives Rowhammer attack to root Android devices

(credit: Ron Amadeo)

In late 2016, Google’s security team scrambled to fix a critical vulnerability that allowed attackers to gain unfettered root access to Android devices by using a relatively new class of exploit that manipulates data stored in memory chips. Now, 21 months later, many of the same researchers behind the attack, dubbed Drammer, are back to say that a large number of Android phones and tablets remain vulnerable to the rooting attacks because the patches Google deployed weren’t adequate.

Both Drammer and the newly disclosed RAMpage attacks exploit Rowhammer, a class of exploit that alters data stored in memory chips by repeatedly accessing the internal rows where individual bits are stored. By “hammering” the rows thousands of times a second, the technique causes the bits to flip, meaning 0s are changed to 1s and vice versa.

The original Rowhammer attack against PCs made it possible for an untrusted computer application to gain nearly unfettered system privileges or to bypass security sandboxes designed to keep malicious code from accessing sensitive operating system resources. A later variation allowed JavaScript hosted on websites to effect the same security-sensitive bitflips.

Read 11 remaining paragraphs | Comments

Post Author: martin

Martin is an enthusiastic programmer, a webdeveloper and a young entrepreneur. He is intereted into computers for a long time. In the age of 10 he has programmed his first website and since then he has been working on web technologies until now. He is the Founder and Editor-in-Chief of and Online Magazines. His colleagues appreciate him as a passionate workhorse, a fan of new technologies, an eternal optimist and a dreamer, but especially the soul of the team for whom he can do anything in the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.