Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      Digital Lockdowns or Lost Opportunities? The Hidden Cost of Social Media Bans on Education

      July 16, 2026

      Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

      July 16, 2026

      Washington’s Intel Gamble Begins Delivering Strategic Results

      July 16, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026
      • AI

        Washington’s Intel Gamble Begins Delivering Strategic Results

        July 16, 2026

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Record Industry Pushes for AI Labels on Streaming Music

        July 15, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026
      • Security

        Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

        July 16, 2026

        China’s AI Distillation Campaign Raises New Concerns Over U.S. Technology Security

        July 13, 2026

        AI Tools Increasingly Exploited by Terrorist Organizations, New Research Finds

        July 13, 2026

        Pentagon Expands Engineering Recruitment to Restore America’s Military Technology Edge

        July 13, 2026

        EU Lawmakers Advance Controversial Private Message Scanning Measure Despite Mounting Privacy Concerns

        July 12, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Phoenix Attack: New RowHammer Variant Exposes DDR5 Memory to Rapid Breach
      Tech

      Phoenix Attack: New RowHammer Variant Exposes DDR5 Memory to Rapid Breach

      Updated:December 25, 20254 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Phoenix Attack: New RowHammer Variant Exposes DDR5 Memory to Rapid Breach
      Phoenix Attack: New RowHammer Variant Exposes DDR5 Memory to Rapid Breach
      Share
      Facebook Twitter LinkedIn Pinterest Email

      A recent discovery dubbed Phoenix (CVE-2025-6202) shows that modern DDR5 memory modules—specifically those made by SK Hynix between 2021 and 2024—are more vulnerable than previously thought. Researchers from ETH Zürich and Google reverse-engineered the in-DRAM protections SK Hynix had built in and found gaps in the “Target Row Refresh” (TRR) mechanisms: certain refresh intervals were not sampled, allowing attackers to self-correct and synchronize memory hammering and trigger bit flips. In tests, Phoenix was able to bypass all known mitigations and gain root access on a standard desktop system in about 109 seconds under default settings. It also succeeded in stealing RSA-2048 keys from a co-located virtual machine and altering privilege boundaries via sudo. While the only temporary defense is increasing DRAM refresh rates (3× the normal rate, which carries performance penalties), the deeper conclusion is that future DRAM designs need stronger, more principled mitigations such as per-row activation counters to be secure. 

      Sources: ComSec.ethz.ch, Hacker News

      Key Takeaways

      – Existing Mitigations Are Not Enough: Standard protections like on-die ECC and advanced TRR schemes in SK Hynix DDR5 modules still leave blind spots that can be exploited by the Phoenix attack. 

      – Serious Real-World Impact: Attackers can escalate privileges, access sensitive keys (e.g. RSA-2048), or fully compromise systems in under two minutes using commodity hardware with default settings. 

      – Mitigations Trade Off Performance, and New Designs Needed: Increasing refresh rates helps mitigate Phoenix but with performance and stability costs. Long-term safety requires redesigning DRAM defenses (e.g. per-row activation counting) rather than relying on band-aid fixes. 

      In-Depth

      The Phoenix discovery marks a troubling new chapter in hardware security vulnerabilities. For years, RowHammer has been a known threat: the ability to repeatedly access (or “hammer”) a row of DRAM cells to induce bit flips in adjacent rows has been demonstrated since 2014, mostly in DDR3 and DDR4 devices. Over time, vendors added mitigations—error-correcting code (ECC), Target Row Refresh (TRR), and other refresh rate adjustments—to make these attacks harder. Until recently, DDR5 was thought to be more resilient thanks to improved internal refresh management and denser protection schemes. But Phoenix reveals that the guardrails are not impermeable.

      Researchers from ETH Zürich and Google systematically reverse-engineered the TRR mechanisms inside SK Hynix DDR5 modules and saw that while many intervals were protected, some refresh intervals were not sampled—those blind spots are where Phoenix finds its entry. The attack operates by keeping track of thousands of refresh operations. When a missed refresh interval (i.e. a gap in the protection coverage) is detected, the attack self-corrects and hammers at precisely the moments needed. Across their test pool—15 SK Hynix DDR5 DIMMs made between 2021 and 2024—they triggered bit flips in all of them. What’s worse, they didn’t just produce bit flips: they converted them into practical exploits, including root escalation in minutes under default settings, stealing RSA keys, and altering system binaries like sudo.

      The implications are broad. For users and system builders, the short-term remedy is painful: increase refresh rates to triple standard rates. This makes Phoenix much harder to execute, but at a cost—higher power usage, possible instability, and performance drops. For chip manufacturers and the hardware security community, the Phoenix attack underlines that incremental mitigations are no substitute for robust design: mechanisms such as per-row activation counters that give strong guarantees of protection will likely become essential. As DRAM geometries shrink and modules pack more densely, electrical interference between memory cells will only become harder to manage; attacks like Phoenix may be a harbinger of more to come rather than an isolated anomaly. Maintaining trust in system memory security now depends on both software (firmware/BIOS updates) and hardware evolution.

      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticlePhishers Hijack iCloud Calendar Invites to Mask Callback Scams Using Apple & Microsoft Infrastructure
      Next Article Photoshop Beta Now Lets You Pick Google’s Viral ‘Nano Banana’ Model for Generative Fill

      Related Posts

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Popular Topics
      Startup Tesla Cybertruck Satellite Series A Satya Nadella starlink Series B spotlight Sundar Pichai UAE Tech Samsung SpaceX trending Taiwan Tech Stocks Viral Software Tim Cook Space Tesla
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.