Rowhammer-Based 'GLitch' Exploit Emerges That Can Attack Android Devices via Browsers

Rowhammer-Based 'GLitch' Exploit Emerges That Can Attack Android Devices via Browsers
Highlights
  • Researchers have developed an exploit based on Rowhammer technique
  • The exploit puts some Android devices at risk
  • It uses GPU to gain backdoor access

A team of researchers has discovered a new way that lets attackers hit Android devices remotely by leveraging a four-year-old technique called Rowhammer. Called GLitch, the fresh exploit uses GPU to gain backdoor access on some Android smartphones and can be executed simply through a malicious website. It was in 2016 spotted that a Rowhammer-based exploit could root Android devices and leak their stored data. However, that previous exploit required attackers to install a malicious app on vulnerable hardware to obtain user data.

Researchers of VUSec Lab at Vrije Universiteit Amsterdam have elaborated the GLitch exploit in a paper and claimed that it takes about two minutes to attack a vulnerable Android device by pushing code from a JavaScript component available on a malicious site. The exploit notably uses standard JavaScript to compromise the device, instead of requiring any app installation or a special Web program. It essentially accesses GPU through a Rowhammer-vulnerable DRAM to take over the system. This is unlike the previous Rowhammer attacks that were majorly using CPU to exploit a system.

Thankfully, the scope of the GLitch exploit isn't as wide as the Drammer that emerged in October 2016 to attack millions of Android devices using a malicious app. The new exploit works only Mozilla's Firefox browser and can impact devices using Snapdragon 800 and Snapdragon 801 SoCs, which has the Adreno 330 GPU. Moreover, the researchers found their model successful on older devices such as the Nexus 5 that had been discontinued in the past.

In a statement to Ars Technica, Pietro Frigo, one of the four researchers in Vrije University Amsterdam Systems and Network Security Group who authored the paper, assured that on different browsers, attackers could require different techniques to build the exploit. "But, theoretically, you could exploit any target," he added.

That being said, Google in an official note to folks at Ars Technica stated that the remote vector in Chrome has been mitigated on March 13 and its team is working with other browsers to implement similar protections. Mozilla, on the other hand, disabled the vulnerable EXT_DISJOINT_TIMER_QUERY in the March release of Firefox 59 and is set to change the WebGL specifications in Firefox 60 that will be released on May 9 to make it harder for attackers to compromise devices through any Rowhammer-based exploits. Furthermore, Some anonymous Google researchers reportedly confirmed that newer Android phones come with DDR chips that have mitigations to protect the hardware from the GLitch exploit and prevent bits from flipping, which primarily gives space to Rowhammer attackers.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Rowhammer, GLitch, VUSec Lab, Android
Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
Xiaomi Officially Enters Europe and the UK, Will Sell Phones via Three
New Overwatch Map Rialto Now Playable on PS4, Xbox One, and Windows PC

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com