New Rowhammer Attack Can Hijack Computers Remotely Over the Network
Exploitation of Rowhammer attack just got easier.
Dubbed ‘Throwhammer,’ the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network.
Known since 2012, Rowhammer is a severe issue with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause “bit flipping” in an adjacent row, allowing anyone to change the contents of computer memory.
The issue has since been exploited in a number of ways to achieve remote code execution on the vulnerable computers and servers.
However, all previously known Rowhammer attack techniques required privilege escalation on a target device, meaning attackers had to execute code on targeted machines either by luring victims to a malicious website or by tricking them into installing a malicious app.
Unfortunately, this limitation has now been eliminated, at least for some devices.
Read more: The Hacker News