- Jul 22, 2014
- 2,525
- 1
- 23,394
- 3,488
Security researchers have come up with a variation of the Rowhammer attack that bypasses all previously proposed countermeasures.
The term Rowhammer is used to describe a security exploit that takes advantage of the fact that hardware vendors, in the chase for bigger memories and smaller-sized components, are cramming too many memory cells together on the same boards.
Researchers discovered that an attacker could bombard RAM memory cell rows with constant read-write operations causing the memory cells to change their electrical charge, which inherently modifies the stored data bits from 1 to 0 and vice-versa, altering the information stored in a computer's memory.
Attackers can use this attack to deliver malicious code that alters normal OS behavior to escalate the attacker's privileges, root devices, or cause denial-of-service states to crucial services, such as security software.
Rowhammer attacks can cause a lot of damage
Details about Rowhammer attack came to light in 2014, and newer research on the topic has been published on a steadily basis ever since. Researchers discovered that:
⊷ Rowhammer attacks work against DDR3and DDR4 memory cards
⊷ they can use carry out Rowhammer attacks via mundane JavaScript and not necessarily via specialized malware
⊷ they could take over Windows machines by attacking Edge with a Rowhammer attack
⊷ they could use Rowhammer to take over Linux-based virtual machines installed in cloud hosting providers
⊷ they could use a Rowhammer attack to root Android devices
.....
The term Rowhammer is used to describe a security exploit that takes advantage of the fact that hardware vendors, in the chase for bigger memories and smaller-sized components, are cramming too many memory cells together on the same boards.
Researchers discovered that an attacker could bombard RAM memory cell rows with constant read-write operations causing the memory cells to change their electrical charge, which inherently modifies the stored data bits from 1 to 0 and vice-versa, altering the information stored in a computer's memory.
Attackers can use this attack to deliver malicious code that alters normal OS behavior to escalate the attacker's privileges, root devices, or cause denial-of-service states to crucial services, such as security software.
Rowhammer attacks can cause a lot of damage
Details about Rowhammer attack came to light in 2014, and newer research on the topic has been published on a steadily basis ever since. Researchers discovered that:
⊷ Rowhammer attacks work against DDR3and DDR4 memory cards
⊷ they can use carry out Rowhammer attacks via mundane JavaScript and not necessarily via specialized malware
⊷ they could take over Windows machines by attacking Edge with a Rowhammer attack
⊷ they could use Rowhammer to take over Linux-based virtual machines installed in cloud hosting providers
⊷ they could use a Rowhammer attack to root Android devices
.....
