Rowhammer Vulnerability Targets Android Smartphone User

Hide your smartphones! A new(ish) attack is now targeting your fifth appendage…



Yesterday, a team of Dutch security researchers identified a “GLitch” in Rowhammer (Android users, this applies to you), that allows it to be exploited by using Javascript to hack the device via the phone’s web browser. Originally just a “what if”, the new research shows that repeatedly activating the memory cells can cause the phone’s electrical charges to fluctuate, which can alter the data stored in your DRAM. This exploit then allows the hacker to manipulate other software, including the OS itself.


This [hack] makes it possible for an attacker who controls a malicious website to get remote code execution on a smartphone without relying on any software bug.

- Vrije Universiteit Amsterdam

Both Mozilla and Google have recognized and addressed the Rowhammer issue, and Google identifies the threat as being largely theoretical, noting a fully working exploit that leverages the same technique has yet to be identified. According to researchers at Vrije Universiteit Amsterdam, the threat is indeed very real, and very capable of causing Mayhem (and not the fun kind that AllState covers). While the jury is still out on how worries we should be, the Dutch-led group is working with Google to find a fix, but also stresses the onus is on hardware vendors to develop a more permanent fix.


#Hacking #RowHammer #Android #Smartphone #Cybersecurity #VulnerabilityManagement #KnowYourRysk #ReduceYourRysk

SUBSCRIBE TO OUR NEWSLETTER TODAY:

CALL US

Direct: (866) 797 5699

EMAIL US
OPENING HOURS

 24 Hours a Day / 7 Days a Week

OVER 30 YEARS OF EXPERIENCE...

...working with both private corporations and government agencies in the areas of cyber security, networking/infrastructure and systems and networks administration.

OUR SERVICES:

- Penetration Testing

- Remote Monitoring

- Security Engineering

- Security Integration

- Vulnerability Management

- Regulatory Compliance

- Incident Response

  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon

#KnowYourRysk

#ReduceYourRysk

© 2018 by The Rysk Group