28. October 2016

Drammer: are hardware security holes the Achilles heel of Android?

Why hardware and operating systems manufacturers need to rethink their current security concepts.

Researchers have succeeded in hijacking Android smartphones via a hardware security hole. The experts have called the attack vector “Deterministic Rowhammer” (Drammer for short). In the wrong hands, this can be used to develop powerful malware that can take over the entire smartphone and for acquiring extensive rights (root access) for unauthorised individuals. Like Rowhammer.js, Drammer shows that these theoretical attacks have been gaining in practicability in the past two years. It is just a matter of time until cyber criminals exploit these attack paths as well and cause damage for users. G DATA security expert Christian Lueg explains why a rethink of hardware and operating systems manufacturers’ security concepts is required.