Threat Database Vulnerability Rowhammer Attack

Rowhammer Attack

By GoldSparrow in Vulnerability

The Rowhammer attack is a threatening exploit that involves both software and hardware vulnerabilities. Malware researchers also have received reports of an upgraded version of the Rowhammer attack that has come to be known as the 'Throwhammer attack.' The Rowhammer attack and its variants involve carrying out complicated operations to gain access to protected memory segments on the targeted devices. These operations can be fascinating due to the combination of exploiting hardware vulnerabilities on the affected device while using attacks that can be carried out over LAN or locally on the infected computer. The Rowhammer attack essentially involves carrying out something known as 'bit flipping,' involving sending huge quantities of specially crafted packets to a specific location on the targeted device, which allows the attacker to obtain unauthorized access to the system memory on the attacked device. The vulnerability associated with the Rowhammer attack has been known since 2012, but the advances allowing the attackers to carry out attacks like the Rowhammer attack have only come in later years. The vulnerability targeted by the Rowhammer attack is a hardware vulnerability partially, meaning that no software patch can fully fix or protect a device from these vulnerabilities.

The Rowhammer Attack can Be Executed from a Remote Location

The Rowhammer attack can be especially efficient when carried out against targets using Ethernet network cards with RDMA (Remote Direct Memory Access), which can allow a criminal to carry out the Rowhammer attack from a remote location. Furthermore, it has been observed that some Graphic Processing Units or GPUs have allowed the Rowhammer attack to be carried out against mobile devices running the Android operating system. The mechanics of the Rowhammer attack required high-speed LAN of at least 10 Gbps, contributing to why successful Rowhammer attacks did not become practical until several years after the vulnerability was disclosed. Using the latest drivers on all devices can help mitigate the risk posed by Rowhammer attacks.

What is the Attack Method Used by Rowhammer

The technique known as the Rowhammer attack is used for data theft mainly and has been fascinating due to its untapped possibilities. Since it was first released, both researchers and malware developers have worked on refining it to weaponize it against computer users. Since it was first observed, the capabilities and scope of these attacks have expanded to include other components that were thought to be immune to the Rowhammer attack originally, such as servers and routers. It is necessary to note just how technical and complex the Rowhammer attack is. They involve targeting a 'row' of transistors in a computer memory chip specifically, 'hammering' it until at least to the adjacent row, a leak that can be used to exploit tiny data changes to gain access to the targeted attack. Rowhammer attacks are not exploits that can be carried out by the average hacker, who typically purchases code or creates software that targets software vulnerability. To carry out Rowhammer attacks, it is necessary that the attackers have deep, extensive knowledge of hardware and how to exploit the different leaks that can be effected through the attack.

Concerning Developments Regarding Rowhammer attack

Mass cloud services, critical infrastructure, and computers involved in important research all contain components that are vulnerable to Rowhammer attacks. This is because the vulnerable devices are highly reliable and do not use a lot of power, which is desirable in many applications. These may include firewalls and routers, as well as servers. Because of this, a successful Rowhammer attack could be used to cripple critical devices as part of a wide campaign.


Most Viewed