RAMpage: A New Vulnerability in Android Affected Millions of Users

RAMpage: Android Virus

Vulnerabilities of Intel processors are still found – but as it turned out, the problem of hardware exploits was much more extensive. This morning, one of the most significant vulnerabilities of Android smartphones was published over the past few years. The threat, called RAMpage, was discovered by a joint group of researchers from three different universities. It is reported that it is subject to millions of users around the world, starting in 2012.

According to the results of the research, RAMpage vulnerability was found in the subsystem ION – the memory driver used in Android, since version 4.0 Ice Cream Sandwich. But researchers warn that in addition to Android-smartphones, the vulnerability can theoretically be used in devices running iOS.

The exploit causes the ION subsystem to write and update the data in RAM: in some cases, this action allows you to “climb” into neighboring memory cells. Thus, malware can access data from another application, administrator rights and full control over the device. As stated on the specially created website dedicated to RAMpage, it is impossible to detect interference in the memory operation on its own.

RECOMMENDED READ: Google Safe Browsing Expands to Android Apps Requiring User and Data

android rampage virus

“RAMpage allows you to break the original wall between user applications and the operating system. Usually, applications do not have access to reading data from other programs, but malware can exploit the RAMpage exploit to gain administrative control and access to any information from a third-party application. Including saved passwords, personal photos, e-mail or correspondence in instant messengers, and even documents critical for business, “the official study says.

Since the vulnerability is found in the ION driver, all devices with the operational memory LPDDR2 and newer are under threat. In other words, every smartphone released in 2012 or later is vulnerable. However, to exploit the vulnerability requires a unique application that must be run on the device. Since the vulnerability has already been detected, the Google Play validation system should soon receive the appropriate update and identify malicious code in potentially harmful applications.

Data on RAMpage have been published more recently – official comments from Google and other gadget manufacturers have not yet been received. Until then, researchers recommend refraining from installing applications from questionable sources.

Share
Stellar Speedup Mac
Avatar
About Ikechukwu Onu 215 Articles
Ikechukwu Onu is a writer, front-end dev, and digital junkie with a profound interest in all things tech. When not reviewing gadgets or apps, he enjoys contributing in groups and forums, tinkering with websites, and hanging out with friends.