Security News > 2021 > November > New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses
Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices.
Originally disclosed in 2014, Rowhammer refers to a fundamental hardware vulnerability that could be abused to alter or corrupt memory contents by taking advantage of DRAM's tightly-packed, matrix-like memory cell architecture to repeatedly access certain rows that induces an electrical disturbance large enough to cause the capacitors in neighbouring rows to leak charge faster and flip bits stored in the "Victim" rows adjacent to them.
A double-sided Rowhammer access pattern sandwiches a victim row in between two aggressor rows, maximizing the bit flips in the victim row.
Another method called Half-Double, as established by Google researchers earlier this May, leverages the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed to tamper with data stored in memory and, in principle, even gain unfettered access to the system.
The approach involves conducting a series of experiments to identify complex "Non-uniform" patterns in which different numbers of aggressor rows are hammered with different frequencies, phases and amplitudes that can still bypass TRR, with the study finding at least one pattern that triggered Rowhammer bit errors across 40 DDR4 devices from Samsung, Micron, SK Hynix, and an unnamed manufacturer.
"The tendency in DRAM manufacturing is to make the chips denser to pack more memory in the same size which inevitably results in increased interdependency between memory cells, making Rowhammer an ongoing problem," Google's open-source team said last week, alongside announcing what's called the Rowhammer Tester platform for "Experimenting with new types of attacks and finding better Rowhammer mitigation techniques."
News URL
https://thehackernews.com/2021/11/new-blacksmith-exploit-bypasses-current.html
Related news
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- New DoubleClickjacking attack exploits double-clicks to hijack accounts (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- New Web3 attack exploits transaction simulations to steal crypto (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Defense strategies to counter escalating hybrid attacks (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks (source)