An international team of researchers has found almost all Android devices released since 2012 are vulnerable to a new weakness called RAMpage. The new vulnerability is a variation of the Rowhammer attack which is a hardware bug in modern memory cards. The bug was discovered a few years ago by researchers who found that when someone would send repeated write/read requests to the same row of memory cells, the write/read operations would create an electrical field that would screw with nearby memory data.
Related coverage: <a href="https://thegoldwater.com/news/14557-Malware-can-MELT-Your-Phone-Secretly-Mines-Cryptocurrency">Malware can MELT Your Phone ;Secretly Mines Cryptocurrency</a>
"This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents," according to the research team. It is also possible that RAMpage may also impact Apple devices, PC's, and VMs but research into the latest vulnerability is still in early stages. Researchers have updated an app used previously to detect Drammer to also identify if a device is vulnerable to RAMpage. The app is not available yet in the Play Store but it available online.
Related coverage: <a href="https://thegoldwater.com/news/28291-Google-Removed-The-Egg-From-Salad-Emoji-To-Be-Vegan-Friendly-And-The-Twitter-Responses-Are-Hilarious">Google Removed The Egg From Salad Emoji To Be Vegan-Friendly And The Twitter Responses Are Hilarious</a>
The old Rowhammer attack on Android devices and the new Rowhammer attack differ in that RAMpage specifically targets an Android memory subsystem called ION. A simplified version is that ION is part of the Android OS that manages memory allocations between apps and for the OS. Google introduced ION in Android 4.0 which was released on October 18, 2011.
Tips? Info? Send me a message!
Twitter: #RAMpage #Android #Google #Virus #Malware #Memory #Attack