Mobile Threat Catalogue

Malicious App Reading Secrets from Memory

Threat Category: Mobile Operating System

ID: STA-43

Threat Description: All operating systems aim to isolate normally executed processes from one another (debuggers and similar environments specifically designed otherwise excepted), so that one user-level process cannot access the memory allocated to another process in any way. Vulnerabilities in the design or implementation of the mobile OS, the kernel, or the underlying computational hardware (e.g. the CPU) may allow a malicious process to access memory locations allocated to another process. As a result, the attacker may be able to extract secrets (e.g. cryptographic keys, sensitive documents) from other processes, potentially including OS services or the kernel itself.

Threat Origin

Project Zero: Reading privileged memory with a side-channel [1]

Exploit Examples

Spectre Attacks: Exploiting Speculative Execution [2]

Meltdown [3]

CVE Examples

Possible Countermeasures

Mobile App Developer

To reduce the opportunity for an attacker to compromise the confidentiality of secrets in process memory, the memory location allocated to any secrets, such as cryptographic keys, should be explicitly overwritten as soon as its contents are no longer in use.

To reduce the opportunity for an attacker to compromise the confidentiality of secrets in process memory, secrets (e.g. cryptographic keys) should not be read into memory until they are needed as input to computations.
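The two developer countermeasures above, as an added example in C (not part of the catalogue entry): the key is loaded only after input validation and is overwritten as soon as the computation finishes. load_key, toy_tag and tag_message are hypothetical names, the key bytes are constructed, and the checksum stands in for a real cryptographic call.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KEY_LEN 32

/* Zero a buffer through a volatile pointer: a plain memset() on memory that
 * is never read again is a dead store the optimizer is allowed to remove. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

static int all_zero(const uint8_t *p, size_t n) {
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) acc |= p[i];
    return acc == 0;
}

/* Hypothetical stand-in for a keystore read; the key bytes are constructed. */
static int load_key(uint8_t *out, size_t n) {
    for (size_t i = 0; i < n; i++) out[i] = (uint8_t)(0xA5u ^ i);
    return 0;
}

/* Toy keyed checksum (FNV-1a) standing in for the real crypto call; not a MAC. */
static uint32_t toy_tag(const uint8_t *k, size_t kn, const uint8_t *m, size_t mn) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < kn; i++) h = (h ^ k[i]) * 16777619u;
    for (size_t i = 0; i < mn; i++) h = (h ^ m[i]) * 16777619u;
    return h;
}

/* key_buf is caller-supplied scratch so the wipe can be observed afterwards. */
static int tag_message(const uint8_t *msg, size_t mn, uint8_t key_buf[KEY_LEN], uint32_t *tag) {
    if (!msg || !tag || !key_buf) return -1;   /* validate before any secret is loaded */
    int rc = load_key(key_buf, KEY_LEN);       /* key enters memory only now */
    if (rc == 0) *tag = toy_tag(key_buf, KEY_LEN, msg, mn);
    secure_wipe(key_buf, KEY_LEN);             /* wiped on success and on failure */
    return rc;
}

int main(void) {
    uint8_t key[KEY_LEN];
    uint32_t tag = 0;
    int rc = tag_message((const uint8_t *)"hello", 5, key, &tag);
    printf("rc=%d tag=%08x key_wiped=%d\n", rc, (unsigned)tag, all_zero(key, KEY_LEN));
    return rc;
}
```

Where the platform provides explicit_bzero or memset_s, those serve the same purpose as secure_wipe. The wipe covers only this buffer; copies the compiler places in registers or stack spills are outside its reach.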

Enterprise

To reduce the opportunity for an attacker to leverage any underlying vulnerability in the mobile OS or computing hardware, apply OS security updates in a timely fashion.

Mobile Device User

To reduce the opportunity for an attacker to leverage any underlying vulnerability in the mobile OS or computing hardware, apply OS security updates in a timely fashion.

References

  1. J. Horn, “Reading privileged memory with a side-channel”, Project Zero blog, Google, Jan. 3, 2018; https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html [accessed 1/10/2018] 

  2. P. Kocher et al., Spectre Attacks: Exploiting Speculative Execution, white paper, 2017; https://spectreattack.com/spectre.pdf [accessed 02/02/2018] 

  3. M. Lipp et al., Meltdown, white paper, 2017; https://meltdownattack.com/meltdown.pdf [accessed 02/02/2018]