Ethical Hacking News
A new $50 attack has been discovered that allows attackers to bypass Intel and AMD cloud security protections, putting sensitive data at risk. Experts warn of potential catastrophic consequences for cloud computing users, who must take proactive steps to protect their systems and data.
Battering RAM is a new hardware hack that bypasses robust security measures in public cloud environments. The attack uses an interposer device to manipulate signals between the processor and memory, allowing unauthorized access to protected memory regions. The vulnerability exploits DDR4 memory and can be used on Intel and AMD platforms, with potential catastrophic consequences for sensitive data. Experts warn of breaches of remote attestation and insertion of arbitrary backdoors into protected workloads. The discovery highlights the need for a more comprehensive approach to cloud security.
The latest security threat to hit the cloud computing landscape is a game-changer, one that leverages an innovative hardware hack to bypass even the most robust security measures in place. This new vulnerability, dubbed Battering RAM, has sent shockwaves throughout the industry, with experts warning of potential catastrophic consequences for sensitive data stored in public cloud environments.
Battering RAM was discovered by a team of researchers from KU Leuven and the University of Birmingham, who built a simple yet effective interposer device that can be constructed for less than $50. This diminutive hardware hack uses analog switches to manipulate signals between the processor and memory, allowing it to redirect physical addresses and gain unauthorized access to protected memory regions.
The attack works by leveraging the fact that many cloud computing platforms rely on DDR4 memory, which is specifically targeted by Battering RAM. By inserting the interposer device into the system's memory path, the researchers were able to turn what was initially a trusted security feature – Intel's Software Guard Extensions (SGX) and AMD's Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) hardware security features – into a vulnerability that can be exploited by an attacker.
On Intel platforms, Battering RAM achieves arbitrary read access to victim plaintext or write plaintext into victim enclaves. This means that an attacker could potentially extract sensitive data from protected workloads without raising any suspicion. Similarly, on AMD systems, the attack can be used to sidestep recent firmware mitigations against BadRAM and introduce arbitrary backdoors into virtual machines.
The implications of Battering RAM are far-reaching, with experts warning of potential breaches of remote attestation and the insertion of arbitrary backdoors into protected workloads. This is particularly concerning in light of the fact that many cloud infrastructure providers and insiders have limited physical access to sensitive data, making it all too easy for an attacker to compromise systems.
The discovery of Battering RAM follows a series of recent vulnerabilities that have highlighted the growing importance of robust security measures in the cloud computing landscape. In particular, the L1TF Reloaded vulnerability, which was discovered by Vrije Universiteit Amsterdam researchers last month, has shown how a sophisticated attack can be mounted using a combination of CPU vulnerabilities.
Spectre, which first came to light in early 2018, continues to haunt modern CPUs, albeit in the form of different variants. As recently as two weeks ago, academics from ETH Zürich devised a new attack known as VMScape (CVE-2025-40300), which breaks virtualization boundaries in AMD Zen CPUs and Intel Coffee Lake processors.
In light of these recent vulnerabilities, it is more important than ever for cloud computing providers to take a proactive approach to security. This includes implementing robust measures to detect and respond to potential breaches, as well as providing customers with clear guidance on how to protect their sensitive data.
For the end-user, this means being vigilant about the security of their cloud-based systems and taking steps to prevent unauthorized access. This could involve using strong passwords, keeping software up-to-date, and monitoring system logs for any suspicious activity.
Ultimately, the discovery of Battering RAM highlights the need for a more comprehensive approach to cloud security. By working together, cloud computing providers and users can develop effective strategies to mitigate this vulnerability and ensure that sensitive data remains protected.
Related Information:
https://www.ethicalhackingnews.com/articles/New-50-Battering-RAM-Attack-Breaks-Intel-and-AMD-Cloud-Security-Protections-A-Comprehensive-Analysis-ehn.shtml
https://thehackernews.com/2025/10/50-battering-ram-attack-breaks-intel.html
https://cybersecuritynews.com/battering-ram-attack/
Published: Wed Oct 1 07:02:15 2025 by llama3.2 3B Q4_K_M
