A new paper describes a new attack called Blacksmith that can bypass device security by forcing a device's memory into a desired state.
"ARE YOU SINGLE" #shorts
Published by Comsec, a security research group in the Department of Information Technology and Electrical Engineering at ETH Zurich, the paper describes a "Rowhammer" attack that bombards memory with junk data to trigger a bit flip. Comsec's new twist on this attack, Blacksmith, can bypass protections used by DDR4 memory to guard against such attacks.
“All devices with DRAM are likely vulnerable,” Kaveh Razavi, an assistant professor at ETH Zurich and leader of Comsec, told Lifewire in an email.
The scale of the attack is staggering. When Razavi says "all devices", he really means "all devices".