Your DDR4 memory could be facing the return of some serious assaults

DMCA / Correction Notice
- Advertisement -


Researchers have developed a new fuzzing-based technique called Blacksmith that can successfully trigger the Rowhammer vulnerability against all modern DDR4 RAM module, bypassing the existing mitigation.

- Advertisement -

The Rowhammer hack works by manipulating the electrical charge in modern memory chips. Hitting one row of transistors repeatedly with a hammer results in the values ​​in adjacent rows being flipped.

earlier this year Google engineers revealed Rohmer’s attack was now more laudable for recent improvements in the design of modern DRAM memory chips.

Techradar needs you!
advertisement

We’re looking at how our readers use a VPN with streaming sites like Netflix so we can improve our content and offer better advice. This survey will take you no more than 60 seconds, and we would greatly appreciate it if you shared your experiences with us.

>> Click here to start survey in new window <

- Advertisement -

To prevent rowhammers, DRAM applies a mitigation technique known as Target Row Refresh (TRR). However, Cyber ​​security Researchers from the Computer Security Group at COMSEC, ETH Zurich, have now demonstrated that the Blacksmith Rohamer Fuzzer can bypass TRR on 100% PC-DDR4 DRAM devices.

no ram protected

Prior to Blacksmith, researchers had developed a technology called TRespass that could trigger bit flips on 31% of today’s PC-DDR4 devices. He then built on top of that work to develop a new approach “to crafting”. Unequal And depending on the frequency Rohmer Access Pattern. ,

Feeding the pattern into the Blacksmith Fuzzer, the researchers could trigger bit flips in all 40 tested DDR4 RAM modules in a 256 MB contiguous memory region.

“Finally, our work confirms that the claims of DRAM vendors about Rohamer protection are false and lure you into a false sense of security. All currently deployed mitigations are insufficient to fully protect against Rohammer. Our new The pattern suggests that attackers can take advantage of the system more easily than previously thought.” share researcher.

While using ECC-enabled DRAM would make exploitation harder, it’s still not an effective defense strategy, the researchers said.

However, reporting on the development, bleeding computer Claims the Rohmer new may not have as many problems DDR5 DRAM modules, which have replaced TRR with a new system dubbed Refresh Management.

Despite the danger, use these best endpoint protection tools To protect your computer from cyber attacks

- Advertisement -

Stay on top - Get the daily news in your inbox

Recent Articles

Related Stories