Millions of Android smartphones around the world are at risk of being hacked remotely, security experts have revealed.
Experts at VUSec Lab at Vrije Universiteit Amsterdam have discovered a new hack that could allow hackers to exploit data on smartphones through memory chips and other physical parts embedded inside, opening up a whole new world of vulnerabilities that wasn’t thought of before. In theory, this type of attack – which exploits a newly found flaw in mobile memory – could also affect users of iPhones and other mobile devices. Using the Drammer attack, researchers have been able to completely root the Nexus 4, Nexus 5, LG G4, Moto G (2013), Moto G (2014), Samsung Galaxy S4, Samsung Galaxy S5, and the OnePlus One.
The Drammer exploit is based on the Rowhammer class of attacks. This particular attack is known to target memory chips like DRAM, and has the potential to root millions of Android smartphones out there, including the ones that are running on ARM chips. Through the exploit, it is possible to surreptitiously gain root access using an app that has no special permissions. The researchers claim that they have used the Drammer attack to root many LG, Motorola, Samsung, and OnePlus handsets.
The worst thing about the vulnerability is that there is no patch for it. Hardware bugs weren’t even considered a possibility, and therefore no software fix was ever issued for them.
While the security experts were able to exploit quite a few smartphones, not all of the above-mentioned smartphones were compromised. It largely depended on the age of the smartphone: the older the smartphone, the more vulnerable it was to the exploit. This follows from how the vulnerability works, by flipping bits on a memory module. The Rowhammer attack has been around for quite a while, but this is the first time it has been seen putting smartphone data at risk.
The researchers notified Google of the vulnerability in July, for which they received a $4,000 reward. Google is still working on a fix, and plans to release it in the November security bulletin.
The experts claim that the fix won’t completely prevent hackers from exploiting the flaw, but expect it to make exploitation very difficult. You cannot expect an OEM to stop bundling in random access memory chips and other crucial hardware components to prevent the Rowhammer exploit.