Drive-by Rowhammer attack uses GPU to compromise an Android phone

Minimalist · May 3, 2018

Over the past few years, there has been a steady evolution in Rowhammer, the once largely theoretical attack that exploits physical defects in memory chips to tamper with the security of the devices they run on. On Thursday, researchers are unveiling the most practical demonstration yet of Rowhammer's power and reach: an exploit that remotely executes malicious code on Android phones by harnessing their graphical processors.
Click to expand...

https://arstechnica.com/information...tack-uses-gpu-to-compromise-an-android-phone/

FanJ · May 4, 2018

See also the article at VUSec (Systems and Network Security Group at Vrije Universiteit Amsterdam):
https://www.vusec.net/projects/glitch/

What is GLitch?

GLitch is one part of our series of Rowhammer attacks. We started by breaking the EDGE browser and the cloud. Then we moved towards Android devices showing how to root them with bit flips. This time we wanted to show that also mobile phones can be attacked remotely via the browser.
Meet GLitch: the first instance of a remote Rowhammer exploit on ARM Android devices. This makes it possible for an attacker who controls a malicious website to get remote code execution on a smartphone without relying on any software bug.
You want to know what makes this attack even cooler? It is carried out by the GPU. This is the first GPU-accelerated Rowhammer attack.
Click to expand...

Log in or Sign up

Drive-by Rowhammer attack uses GPU to compromise an Android phone

Minimalist Registered Member

FanJ Updates Team

Log in or Sign up

Drive-by Rowhammer attack uses GPU to compromise an Android phone

Minimalist Registered Member

FanJ Updates Team

Useful Searches