RAMpage – Rowhammer Variant Affecting Android Devices

Windows Articles

How to get Always-on Display feature in any Android

Greetings dear readers, the Always-on Display feature has been included in many Android devices for several years now. But they have been...

Error in Windows 10 preventing them from using the internet

The Windows 10 May 2020 Update brought more problems than solutions. Users around the world are complaining about a new bug. A...

How to install MyWebSQL on Ubuntu 20.04?

Managing a database server with MySQL is not an easy task. Therefore, specialized tools are required to improve the task. In Osradar...

New Office app arrives: free and renewed

Microsoft goes one step further. This time positive. This week the Redmond people launched the new Office app for Windows 10. The...

How to install Gradle on Ubuntu 20.04?

Hi, folks. In this post dedicated to Java, you will learn how to install Gradle on Ubuntu 20.04 Gradle...

In the world of security, there seems to be nothing so secured any more. Every now and then, there are new vulnerabilities found in different system. The first major ones were the Meltdown and Spectre that shook the world of security. Recently, a new vulnerability in Android has been identified that affects all the Android devices since 2012!

The new vulnerability has a nice name – RAMpage. The vulnerability is a variation of the Rowhammer attack. Rowhammer is a hardware bug in modern memory cards. Using the bug, researchers noticed that when someone would send repeated read/write instruction to a same row of the memory cells, it would create an electric field and the field was able to alter data stored on the nearby memory.

Later, researchers found that the attack was able to affect devices like virtual machines, PCs and Android devices. Researchers also found that they could execute the attack using GPU cards, JavaScript codes and even network packets.

RAMpage – Rowhammer attack variation

The first Rowhammer attack was named “DRammer” that would affect Android devices. This method was able to root the Android device. The current and latest version (RAMpage) is nothing more than the expansion of the previous one.

According to a research paper published recently, a team of 8 academics from 3 different universities and 2 private companies discovered this new attack.

According to the researchers, RAMpage can break the most fundamental isolation between user apps and the OS. A nicely crafted malicious program can use the RAMpage exploit for gaining admin control of the system and get hold of secrets from the device memory.

Now, once a malware gets admin privilege, it can steal any info like passwords, your personal photos etc. and even critical documents.

RAMpage infecting other devices (Apple, VMs and PCs)

The development of the attack is still in early stage. However, according to the researchers, the attack holds potential to work on home PCs, Apple devices and even on cloud servers. For Android devices, here’s an app from the security researchers to check if your device is vulnerable to DRammer and RAMpage.

RAMpage targeting Android’s ION subsystem

The difference between the DRammer and RAMpage is, the newer one specifically targets ION – an Android memory subsystem. ION is the responsible part of Android that manages memory allocation between apps and the OS. ION was introduced back in 2011 with Android 4.0 (Ice Cream Sandwich).

Thankfully, researchers also made a new tool that puts an additional guard in front of the ION subsystem. The guard is supposed to protect against RAMpage attack routine. You can get the app from GitHub.

The bad news

Be prepared for the bad news, folks! Researchers successfully pulled the attack on an LG4 smartphone, but the attack is able to infect other mobile devices with LPDDR2 to LPDDR4 memory. In short, that’s nearly all the Android smartphones produced since 2012!

Here’s a website that clarifies all the information about this dangerous vulnerability. The researchers encouraging people to use their apps and send the scanning result to them for getting more information and ultimately, understand the depth and making decision on next step.

Still not satisfied? Check out this new form of DDoS attack that uses UPnP for masking its identity and rendering all the DDoS mitigation method useless.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to get Always-on Display feature in any Android

Greetings dear readers, the Always-on Display feature has been included in many Android devices for several years now. But they have been...

Error in Windows 10 preventing them from using the internet

The Windows 10 May 2020 Update brought more problems than solutions. Users around the world are complaining about a new bug. A...

How to install MyWebSQL on Ubuntu 20.04?

Managing a database server with MySQL is not an easy task. Therefore, specialized tools are required to improve the task. In Osradar...

New Office app arrives: free and renewed

Microsoft goes one step further. This time positive. This week the Redmond people launched the new Office app for Windows 10. The...

How to install Gradle on Ubuntu 20.04?

Hi, folks. In this post dedicated to Java, you will learn how to install Gradle on Ubuntu 20.04 Gradle...