Hackers Able to Gain Access Using New Rowhammer Exploit

The Rowhammer exploit was first identified three years ago and was seen enabling hackers to access devices by using DRAM memory cells.

Rowhammer attacks uses the close proximity of memory cells, making them leak their charge and change the make up of neighboring memory cells. The cyber attack involves sending constant read-write operations using carefully crafted memory access patterns to constantly activate the same memory rows, which can allow strong privilege escalation attacks.

Since this type of attack was identified, security researchers have seen the technique being used in a variety of different types of attack. These cyber attacks have even been carried out using simple JavaScript, and have been shown to have an impact on Windows Machines, Linux-based virtual machines, and Android devices.

Investigations into the Rowhammer exploit has allowed manufacturers to put in place a number of mitigations to stop cyber attacks; however, this week, new research has been released showing that even if many mitigations are used, the Rowhammer exploit can still be used and all mitigations in place can be bypassed.

Previously attacks were carried out on many rows of memory cells, but the mos recent method targets just one row – an attack method termed one-location hammering which keeps one DRAM row permanently open.

Researchers said “We replace conspicuous and memory-exhausting spraying and grooming techniques with a novel reliable technique called memory waylaying. Memory waylaying exploits system-level optimizations and a side channel to coax the operating system into placing target pages at attacker chosen physical locations.”

The team also conducted a successful cyber attack on Intel SGX and were able to camouflage the attack completely from the operating system. While the attacks take longer to complete out using the new method, they can still be successful. The researchers remarked that in their tests, an attack duration will last between 44.4 hours and 137.8 hours.

That would obviously be too long for attacks on the majority computers, but the researchers say that there is a danger of attacks on online servers which are not powered off, or for attacks on cloud services which usually have more than 99.9% uptime. The attackers could carry out denial of service attacks on cloud systems, but also privilege escalation attacks on personal and home computers.

Author: Defensorum

Share This Post On