Researchers use new technique to target Android phones

Researchers have found a new way to hack smartphones. The technique builds on ‘Rowhammer’, in which hackers manipulate the physical electric charge in memory chips to corrupt data and even run specific code.

The attack compromises the fundamental functioning of computer hardware, so no software patch can fully fix it. Researchers first experimented with Rowhammer four years ago, and they have now found a way to use it on Android phones.

Researchers in the VUSec group at Vrije Universiteit Amsterdam named the new Rowhammer method ‘GLitch’. The tactic involves ‘bit flips’: inducing electrical charges to change ones to zeros, or zeros to ones, in stored data. Hackers can implant malicious code on Android phones by luring victims to a bad web page. This is the first smartphone-targeted implementation of the remote Rowhammer attack.

Pietro Frigo, one of the researchers who contributed to the paper, said, “By triggering bit flips in a very specific pattern we can actually get control over the browser. We managed to get remote code execution on a smartphone.”

How Rowhammer attacks work

Rowhammer attacks do not target software, but the physics behind computer components. The electrical charge in the ‘cells’ that encode data as ones and zeros can occasionally leak into a neighboring row, flipping bits there. Cyber criminals could repeatedly access (‘hammer’) the rows on both sides of a target row to create a series of bit flips that runs code in targeted software (currently only the Firefox browser).

Previously, researchers have deployed remote Rowhammer attacks on computers running Windows and Linux. More recently, VUSec demonstrated that it could launch a Rowhammer attack on Android, but only after the user had installed a malicious app on the phone.

Android phones contain ARM chips, which use a certain type of cache that stores frequently accessed data for quick access. The university team found a vulnerability in the graphics processing unit, whose cache is more easily infiltrated. The team built a rapid, remote Rowhammer exploit through the GPU.

In the proof of concept, researchers launched the malicious code by using JavaScript on a website to repeatedly load graphic textures that can cause bit flips on the victim’s phone. The right sequence of bit flips adds up to malicious code. There are some pretty major limitations, of course:

  • The code can only run within the browser.
  • For now, the attack can only target the Firefox browser, plus phones that run Qualcomm’s Snapdragon 800 and 801 systems-on-a-chip (it has only been proven to work on older Android phones).

Wired, which reported on the vulnerability, reached out to Google, which stated that the attack doesn’t apply to a majority of Android users. Google has tested newer devices and found that they aren’t nearly as vulnerable. Google has since made changes to better secure Chrome.

Take proactive measures to ensure that your organization’s data is safe

As hackers continue to find sophisticated ways to target victims, it is crucial to get your cybersecurity up to par. Organizations cannot afford to let information security risks get the best of them. An information security management system (ISMS) will help an organization to safeguard its data. It contains the policies, procedures, and technical and physical controls to secure the confidentiality, availability, and integrity of information. ISO 27001 is the international standard for information security, and describes best practices for an ISMS.

IT Governance is offering a three-day online training course to equip you with the knowledge you need to mitigate data breach risk and comply with data security regulations. This fully certificated, practitioner-led course will develop your skills to implement an ISMS aligned to the international information security standard, ISO 27001. Register now for the ISO27001 Certified ISMS Lead Implementer Online.
