At #USENIXSecurity25, we present Posthammer, the first pervasive browser-based Rowhammer attack using non-uniform Rowhammer patterns in JavaScript.
The key ideas:
• Refresh postponement delays DRAM refreshes to make hammering more effective.
• Lanes craft non-uniform Rowhammer patterns from minimal eviction sets.
The result? 61% of DDR4 devices can be compromised from JavaScript!
More information: https://comsec.ethz.ch/posthammer
At #USENIXSecurity25, we present Posthammer, the first pervasive browser-based Rowhammer attack using non-uniform Rowhammer patterns in JavaScript.
The key ideas:
• Refresh postponement delays DRAM refreshes to make hammering more effective.
• Lanes craft non-uniform Rowhammer patterns from minimal eviction sets.
The result? 61% of DDR4 devices can be compromised from JavaScript!
More information: https://comsec.ethz.ch/posthammer