A recently discovered attack can change what is stored in the Random Access Memory (RAM) of your Android smartphone, ultimately allowing a hacker to gain access to all data stored on the handset. The attack is called RAMpage, for obvious reasons, and can give access to all the passwords stored in a password manager, as well as photos, videos, e-mails and documents stored on the smartphone.
The new attack takes advantage of the Rowhammer flaw in the tightly packed circuitry inside a RAM chip. An electrical attack on one part of the RAM chip makes the memory cells leak and interfere with other memory cells. Of course, this classifies the Rowhammer bug not necessarily as a flaw, but as a “side-effect” of the RAM manufacturing process. Leakage between some rows of memory cells is normal, and the RAM chip is able to recover from any possible harm; however, a hacker could benefit from the leak and flip the bits inside the cells, altering the data stored in the memory.
“The Rowhammer hardware bug at its core consists of the leakage of charge between adjacent memory cells on a densely packed DRAM chip. Thus, whenever the CPU reads or writes one row of bits in the DRAM module, the neighboring rows are ever so slightly affected. Normally, this does not create problems as DRAM periodically refreshes the charge in its cells, well in time to preserve data integrity. However, an attacker who deliberately hits the same rows many times within a refresh interval may cause the charge leakage to accumulate to the point that a bit flips in an adjacent row and modify memory that she does not own. Initially considered a curiosity of relatively minor importance, researchers have shown that attackers can harness Rowhammer to completely subvert a system’s security.”
The RAMpage attack can be unleashed on all Android smartphones that use LPDDR2, LPDDR3 and LPDDR4 RAM chips, which basically means that every device manufactured later than 2012 can be affected by the Rowhammer bug. This flaw is a massive one, and while Android smartphones will be the first target of most hackers, iOS devices can also be affected by the issue because they use the same LPDDR chips.
According to Rowspaper, fixing the hardware issue that leaves us vulnerable to RAMpage would not be practical at all, since it would need a certain amount of power. However, Apple and Google should already be aware of the flaw and are possibly working on a patch to fix Rowhammer before it turns into a major problem.