Rowhammer, a hacking method that uses a device’s memory chips to corrupt data, has been around for four years. But it wasn’t until recently when a group of researchers discovered a huge way of exploiting it even further.
In theory, Rowhammer goes for the most necessary properties of a computer’s hardware, making software patches almost entirely useless in fully fixing it.
The new developments in Rowhammer allow it to target Android smartphones through their embedded graphics processing units (GPUs).
First seen as early as 2012, Rowhammer was first exploited by Google researchers three years ago when they executed remote attacks that targetted Windows and Linux computers.
In 2017, researchers from Amsterdam’s VUSec Lab demonstrated how Rowhammer could exploit Android phones – albeit those already infected by malware.
But less than a month ago, the same team from Amsterdam experimented on a newer attack using the Rowhammer technique.
Researchers haven’t found a permanent fix for Rowhammer
On top of that, the code can also access information on the user’s browsing behaviour or their login credentials. The silver lining in this is that the hacker can’t gain further access to the Android device.
As of this writing, GLitch is believed to target Android phones that run Snapdragon 800 or 801, affecting older models such as the HTC One M8, LG Nexus 5, and LG G2; while also targetting Google Chrome and Mozilla Firefox.
Rowhammer goes for a computer’s hardware and not its software, making it almost impossible to implement a patch to completely stop the issue.
Experts believe Rowhammer’s threat has the potential to cause severe destruction when implemented correctly.
The Amsterdam research team have been collaborating with Google on steps to solve the Rowhammer riddle.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.