Security News Packets over a LAN are all it takes to trigger serious Rowhammer bit flips

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
The bar for exploiting potentially serious DDR weakness keeps getting lower.

For the first time, researchers have exploited the Rowhammer memory-chip weakness using nothing more than network packets sent over a local area network. The advance is likely to further lower the bar for triggering bit flips that change critical pieces of data stored on vulnerable computers and servers.

Until now, Rowhammer exploits had to execute code on targeted machines. That hurdle required attackers to either sneak the unprivileged code onto the machines or lure end users to a website that hosted malicious JavaScript. In a paper published Thursday, researchers at the Vrije Universiteit Amsterdam and the University of Cyprus showed that standard packets sent over networks used by many cloud services, universities, and others were sufficient. The secret to the new technique: increasingly fast network speeds that allow hackers to send specially designed packets in rapid succession.

"Thus far, Rowhammer has been commonly perceived as a dangerous hardware bug that allows attackers capable of executing code on a machine to escalate their privileges," the researchers wrote. "In this paper, we have shown that Rowhammer is much more dangerous and also allows for remote attacks in practical settings. We show that even at relatively modest network speeds of 10Gbps, it is possible to flip bits in a victim machine from across the network."

Like most of the Rowhammer exploits demonstrated so far, Throwhammer doesn't pose an immediate threat, mostly because it's too experimental to be used actively and reliably in the wild and also because there are easier ways for malicious hackers to exploit computers. Still, the class of attack may one day pose a significant threat, in part because the only way to fix vulnerable systems is to replace the memory chips they use. For that reason, software and hardware developers should carefully study the research now.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top