The new vulnerability has a nice name – RAMpage. The vulnerability is a variation of the Rowhammer attack. Rowhammer is a hardware bug in modern memory cards. Using the bug, researchers noticed that when someone would send repeated read/write instruction to a same row of the memory cells, it would create an electric field and the field was able to alter data stored on the nearby memory.

Later, researchers found that the attack was able to affect devices like virtual machines, PCs and Android devices. Researchers also found that they could execute the attack using GPU cards, JavaScript codes and even network packets.

RAMpage – Rowhammer attack variation

The first Rowhammer attack was named “DRammer” that would affect Android devices. This method was able to root the Android device. The current and latest version (RAMpage) is nothing more than the expansion of the previous one.

According to a research paper published recently, a team of 8 academics from 3 different universities and 2 private companies discovered this new attack.

According to the researchers, RAMpage can break the most fundamental isolation between user apps and the OS. A nicely crafted malicious program can use the RAMpage exploit for gaining admin control of the system and get hold of secrets from the device memory.

Now, once a malware gets admin privilege, it can steal any info like passwords, your personal photos etc. and even critical documents.

RAMpage infecting other devices (Apple, VMs and PCs)

The development of the attack is still in early stage. However, according to the researchers, the attack holds potential to work on home PCs, Apple devices and even on cloud servers. For Android devices, here’s an app from the security researchers to check if your device is vulnerable to DRammer and RAMpage.

RAMpage targeting Android’s ION subsystem

The difference between the DRammer and RAMpage is, the newer one specifically targets ION – an Android memory subsystem. ION is the responsible part of Android that manages memory allocation between apps and the OS. ION was introduced back in 2011 with Android 4.0 (Ice Cream Sandwich).

Thankfully, researchers also made a new tool that puts an additional guard in front of the ION subsystem. The guard is supposed to protect against RAMpage attack routine. You can get the app from GitHub.

The bad news

Be prepared for the bad news, folks! Researchers successfully pulled the attack on an LG4 smartphone, but the attack is able to infect other mobile devices with LPDDR2 to LPDDR4 memory. In short, that’s nearly all the Android smartphones produced since 2012!

Here’s a website that clarifies all the information about this dangerous vulnerability. The researchers encouraging people to use their apps and send the scanning result to them for getting more information and ultimately, understand the depth and making decision on next step.

Still not satisfied? Check out this new form of DDoS attack that uses UPnP for masking its identity and rendering all the DDoS mitigation method useless.

The post RAMpage – Rowhammer Variant Affecting Android Devices appeared first on Linux Windows and android Tutorials.

The bug

This bug is really funny. This bug exposes the SMS text open to the browser when searched using various terms.

For example, the initial report was when a user tried to access the URL “the1975..com”. Then, Google Pixel Launcher app returned the data of his SMS texts instead of the search result. The bug went public on Reddit. Eventually, there were also other Android-centered blogs who were able to reproduce the bug successfully.

The bug also worked on other Google apps. Here are some of the terms to try out for yourself –

the1976..com
thw1975..com
the1974..com
the1975..com
Izela viagens
Vizel viagens
Zela viagens

Google apps fixed

Such glitch wasn’t supposed to be present. Generally, Google apps have the ability to return user’s SMS text, but that requires permission from the user himself.

As it appears, it’s more a “glitch” rather than a security flaw. It’s not exploitable remotely, so you’re completely safe against any possible threat due to this issue. Even if someone has physical access to your smart device, he/she is more likely to log into your Message app instead of typing some garbage & meaningless text into your phone’s browser.

As of now, Google has already fixed the issue and released updates for Google Assistant, Pixel Launcher, Google Search and other related apps. Those should appear on your Play Store’s update section.

The post Weird Android Bug – Really WEIRD! appeared first on Linux Windows and android Tutorials.