Technology Updates: Researchers developed exploit based Rowhammer technique


Share this

A group of researchers has discovered a fresh way that lets attackers hit Android devices remotely by leveraging a four-year-old technique called Rowhammer.Called GLitch, the fresh exploit uses GPU to achieve backdoor access on some Android smartphones and could be executed simply through a malicious website. It had been in 2016 spotted that a Rowhammer-based exploit could root Android devices and leak their stored data. However, that previous exploit required attackers to install a malicious app on vulnerable hardware to acquire user data.

Researchers of VUSec Lab at Vrije Universiteit Amsterdam have elaborated the GLitch exploit in a document and claimed so it takes about two minutes to attack a vulnerable Android device by pushing code from a JavaScript component available on a malicious site. The exploit notably uses standard JavaScript to compromise the device, in place of requiring any app installation or a special Web program. It essentially accesses GPU through a Rowhammer-vulnerable DRAM to dominate the system. This really is unlike the prior Rowhammer attacks which were majorly using CPU to exploit a system.

Thankfully, the scope of the GLitch exploit isn’t as wide whilst the Drammer that emerged in October 2016 to attack countless Android devices utilizing a malicious app. The new exploit works only Mozilla’s Firefox browser and can impact devices using Snapdragon 800 and Snapdragon 801 SoCs, that has the Adreno 330 GPU. Moreover, the researchers found their model successful on older devices such as for example the Nexus 5 that were discontinued in the past.

In a statement to Ars Technica, Pietro Frigo, one of the four researchers in Vrije University Amsterdam Systems and Network Security Group who authored the paper, assured that on different browsers, attackers could require different techniques to build the exploit. “But, theoretically, you might exploit any target,” he added.

That being said, Google in an official note to folks at Ars Technica stated that the remote vector in Chrome has been mitigated on March 13 and its team is working with other browsers to implement similar protections. Mozilla, on one other hand, disabled the vulnerable EXT_DISJOINT_TIMER_QUERY in the March release of Firefox 59 and is placed to improve the WebGL specifications in Firefox 60 that will be released on May 9 to create it harder for attackers to compromise devices through any Rowhammer-based exploits. Furthermore, Some anonymous Google researchers reportedly confirmed that newer Android phones come with DDR chips which have mitigations to safeguard the hardware from the GLitch exploit and prevent bits from flipping, which primarily gives space to Rowhammer attackers.

Source: NDTV


    Leave a Reply

    Your email address will not be published. Required fields are marked *