RAMpage Is The Latest Security Problem That Affects All Android Devices Since 2012

Android devices could be exposed to a newly discovered vulnerability called the RAMpage. The exploit could theoretically work on any device with LPDDR memory(Low Power Double Data Rate memory), which includes virtually every smartphone released since 2012.

How does it work?

Dubbed the RAMpage, the attack allows malicious applications to break out of their sandbox and access the entire operating system. This includes accessing the data stored by other applications, which the Android security model is meant to prevent.

Advertisement - Continue reading below

Who discovered RAMpage?

RAMpage was discovered by a group of eight academics across three different universities (Victor van der Veen, Herbert Bos and Kaveh Razavi from Vrije Universiteit Amsterdam; Giovanni Vigna and Christopher Kruegel from UC Santa Barbara; Martina Lindorfer from TU Wien; Yanick Fratantonio from EURECOM and Harikrishnan Padmanabha Pillai from IBM) and the official research paper was published on June 28, 2018. It reads:

RAMpage breaks the most fundamental isolation between user applications and the operating system. While apps are typically not permitted to read data from other apps, a malicious program can craft a RAMpage exploit to get administrative control and get hold of secrets stored in the devices.

What kind of secrets could RAMpage access?

The paper explains that “this might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.”

Who is at risk of the attack?

The researchers tested their RAMpage proof-of-concept exploit successfully on an LG G4 device, but they believe that “every mobile device that is shipped with LPDDR2, LPDDR3, or LPDDR4 memory is potentially affected.”

Basically, every Android Device Since 2012 Is Vulnerable To The RAMpage Attack & Can Control Your Phone.

What has been done to counter the attack?

In response, the researchers have created a defense mechanism dubbed GuardION that can block the exploit on mobile phones.

You can patch your device with GuardION, but this isn’t an easy task. The instructions are advanced and have only been tested on a Pixel running Android 7.1.1 Nougat with a specific kernel.
The research going into RAMpage is still quite new, but now that a spotlight is being placed on it, hopefully we’ll see Google and other OEMs do their part to get devices patched up for users around the globe.