Lately, we are seeing several exploits in the smartphones which we carry all the time. While we came to know that a single text message or a Bluetooth connection can give your smartphone access to attackers. Now, a new exploit called RAMpage is discovered by researchers which can give attackers the access to all the Android smartphones launched on or after 2012. It is based on the Rowhammer bug which is more like a side effect of using SDRAM modules.
When the attackers electrically attack the same memory cell which stores the data in binary cells (1 or 0), it can flip the bits from 1 to 0 or 0 to 1. By doing this, the stored data can be altered and attackers can gain access to that. We also can’t except any hardware fixes for all the prone devices. Even there are no software fixes currently available for this kind of attacks, we should soon expect the companies to come out with some sort of solution.
On Android-powered devices, the apps are not permitted to read data from other apps. But with the RAMpage exploit, they can get the administrator control to gain access to the securely stored data on the device. The data might even include the photos, messages, and even the stored passwords in a password manager app. While it’s in the early stage, the RAMpage vulnerability could also affect Apple iPhones, laptop, and other gadgets using DRAM.
Just like many other vulnerabilities, the RAMpage vulnerability also sides a malicious app. While Google’s Play Store doesn’t allow any malicious app, you might be at risk only when you sideload any apps on your smartphone. While we will update the article if there is a solution to the RAMpage attack, till then we only recommended you all to use Play Store or device’s official app store to install any app.