usnistgov / mobile-threat-catalogue

NIST/NCCoE Mobile Threat Catalogue
https://pages.nist.gov/mobile-threat-catalogue

Rowhammer Threat - Android (root) #147

Closed shvn215 closed 7 years ago

shvn215 commented 7 years ago

New Threat

Threat Category: TBD - need to define this

Threat:

Researchers used "the predictable behavior of the default physical memory allocator and its memory reuse patterns ... [to] reliably control the layout of physical memory and deterministically place security-sensitive data in an attacker-chosen, vulnerable physical memory location."

This technique, which the researchers called "Phys Feng Shui," combined Rowhammer with a memory massaging primitive and created a deterministic Rowhammer exploitation which made the attack much more reliable.

Liviu Arsene, senior e-threat researcher at Romania-based antimalware firm Bitdefender, said this method would make an attack much faster.

"Because the proposed attack uses a deterministic Rowhammer attack, it suggests that it takes far less time to cause bit flips in targeted physical memory regions, hence the attack would take far less time than the traditional Drammer attack," Arsene told SearchSecurity. "This is particularly dangerous as the attack itself takes less time to successfully control a vulnerable physical memory page [and] increases the chances of exploitation."

According to the researchers, the Rowhammer attack can be hidden inside a malicious Android app which would require no special permissions in order to run and take over a device. The researchers said a large proportion of the Android ecosystem may be vulnerable because 17 out of 21 of 32-bit ARMv7 devices tested and one out of six 64-bit ARMv8 phones were susceptible to Rowhammer. The researchers noted that ARMv7 hardware is "still the most dominant platform with a market share of over 97%."

However, it's difficult to know the true risk to users because Samsung Galaxy smartphones -- by far the best-selling devices tested -- seemed to fare the best in testing. The researchers claimed the Samsung Galaxy S4 and Galaxy S5 were vulnerable, but the S4 was not included in the data set in the paper and the S5 was listed in the data as having zero bit flips when tested. In addition, the Samsung Galaxy S6 was not susceptible to the Rowhammer attack.

"It's unclear from the research whether it's a matter of hardware resilience or architecture, as ARMv8 has a 64-bit architecture. It could just as well be that the attack has higher chances of working on a particular set or brand of memory chips," Arsene said.

Countermeasure (possible): Guillaume Ross, senior security consultant for global services at Rapid7, told SearchSecurity that Google will likely "attempt to make exploitation harder by applying additional controls on how unprivileged applications can access memory."

"For most end users, ensuring they have an up-to-date device and obtain software from legitimate sources should be sufficient. As privilege escalation issues are discovered regularly on many operating systems, one should always assume that an application could attempt to operate maliciously," Ross said. "It is reasonable to expect that applications attempting to perform this attack at a large scale would be discovered and banned, though very targeted uses of it could remain under the radar."

The researchers claimed their paper proved that "deterministic Rowhammer attacks are a real threat for billions of mobile users" but the research opens the possibility for Rowhammer attacks on platforms other than x86. Arsene said users might not need to worry too much. "While the proof of concept proves that the attack is feasible, the chances of seeing this attack in the wild are relatively small, as it doesn't seem to be fully reliable on a wide range of devices and hardware," Arsene said. "There are other, far less sophisticated ways of rooting Android devices, and it's likely attackers will stick to those for a while."

Possible Countermeasures: Fortunately, the lifespan of phones is low enough that hardware changes are only a device-generation away. There are also a few techniques that can be used to detect when a Rowhammer attack is occurring, though flat-out prevention by the OS may not be an option.

Only installing apps from the Google Play Store was the best course of action, but not completely without risk. "There's always a risk of installing a malicious app, even from the official app store. We've seen it in the past and it will likely happen again," Arsene said. "It all depends on whether Google's bouncer will be trained to spot this behavior in apps and whether new security patches will fix the issues caused by this type of attack."

Vendors are already talking about moving to full up RAM encryption to compensate.

References:

http://arstechnica.com/security/2016/10/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing/