Every Android Phone Since 2012 Has This Security Flaw, And There's Nothing You Can Do To Fix It
01 July, 2018
A team of eight academics from around the world published a paper today, outlining how they were able to use an exploit to read and manipulate the data in a smartphone’s memory.
The worst part is they say this exploit is applicable to any smartphone released since 2012.
The exploit is called RAMpage, because it focuses on a vulnerability in the RAM. And while it was tested on a smartphone, namely the LG G4, it could potentially also apply to tablets, desktops, and even cloud servers.
It involves using a malicious app to send repetitive read/write requests to a device’s LPDDR memory. When done a certain way, it could create an electrical field within the RAM, allowing the app to read and change data stored in the RAM from other apps. And LPPDR RAM has been used in almost every handheld device launched since 2012.