Android Rooting Easier for Malware with DRAMMER attack

Last year security researchers had gotten access to Linux operating systems by using a design flaw in the memory storage to get higher kernel privileges on the system. Now for the first time with dynamic random access memory exploit called Rowhammer, which was already known about but not implemented on a mobile device, hackers will be able to gain “root” access to many android phones.

VUSec Lab at Vrije Universiteit Amsterdam was able to gain access for the first time using the Rowhammer exploit. The exploit works by “executing a malicious application that repeatedly accesses the same “row” of transistors on a memory chip in a tiny fraction of a second in a process called Hammering.” This can disturb a neighboring row causing energy to leak into more rows which causes a bit to flip. Bit flipping allows anyone to change the contents of memory in an operating system.

Drammer has no quick fix so it could become a very big problem for android phone users. They were able to gain access to many phones but none of the newer phones they only got up to the s5 for Samsung’s Galaxy model. The way they were able to access the phones was using something called ION in the android phones DRAM memory. Once the malicious app is downloaded within minutes it will have root access to your phone.

source: http://thehackernews.com/2016/10/root-android-phone-exploit.html

-Gavin Millikan

Advertisements