Everyone with an Android device should listen up: Security researchers have discovered a new exploit and it targets every Android device that was released in the last six years. The name of the exploit is RAMpage and it is based on the Rowhammer exploit that was discovered ages ago.
How does RAMpage work?
Like Rowhammer, the new exploit is based on the way Random Access Memory, better known as RAM, is built. It takes advantage of the tightly packed circuits inside modern chips: when one part of the RAM is electrically attacked, its memory cells leak and interfere with other memory cells. This would allow an attacker to manipulate data that they normally would not have had access to.
RAMpage does exactly that. It uses the Rowhammer idea and focuses the attack on Android's ION memory subsystem. That's the system that Google has implemented to manage and allocate memory for the different apps. By attacking it, an app could potentially attain admin-level privileges and then access the data of other apps, something that would be unthinkable under normal circumstances.
Why is RAMpage dangerous?
The researchers summed the exploit up in a single sentence: “This attack allows an app to take full administrative control over the device.” That is also what makes the attack so dangerous. When carried out successfully, an attacker could collect personal information like passwords, documents, photos, private conversations, etc., basically every scrap of data you do not want to share.
Who is affected by RAMpage?
Almost everyone owning an Android phone could be targeted by RAMpage. The exploit can be successfully used on devices that use LPDDR2, LPDDR3, or LPDDR4 RAM chips, and that's basically every phone released since 2012.
Although they do not state how, the researchers claim that iOS, macOS, and Windows PCs could theoretically be affected by RAMpage too, so no one is really safe.