Researchers have found a way to plant malware inside Intel SGX enclaves. Intel SGX is a set of CPU extensions that keeps sensitive code and data in encrypted, isolated memory regions so that other software on the machine cannot read or modify them.
The technique lets an attacker hide malware in memory that SGX itself protects, turning the same protections that are designed to keep important data from being tampered with into a shield for the malicious code.
SGX (Software Guard Extensions) lets developers run parts of an application in isolated regions of memory, called enclaves, which are designed to be protected even from software running at higher privilege levels, such as the operating system, the BIOS or a hypervisor.
The researchers did not break that isolation. Instead, they showed that an enclave can itself host malware: code running inside the enclave uses the old technique of return-oriented programming (ROP) to take control of the unprotected host application that loaded it.
The attack relies on Transactional Synchronization eXtensions (TSX), found in many Intel CPUs, to build a memory-disclosure primitive the researchers call TSX-based Address Probing (TAP).
TAP uses TSX to find out whether an address in the host is accessible: a memory access inside a TSX transaction that would otherwise fault simply aborts the transaction, so the operating system never sees a page fault. Because the probing code runs inside the enclave, which the host and the operating system cannot inspect by design, the scan of host memory is effectively undetectable.
“Our SGX-ROP attack uses a new TSX-based memory-disclosure primitive and a write-anything-anywhere primitive to construct a code reuse attack from within an enclave which is then inadvertently executed by the host application,” reads a research paper [PDF] published Tuesday.
The team also built a write-probing primitive, called “Checking Located Addresses for Writability” (CLAW), which performs a write to a target address inside a TSX transaction and then explicitly aborts the transaction. The abort status reveals whether the page was writable, while the rolled-back write itself leaves no trace in memory.
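The two probing primitives described above, TAP and CLAW, written here as an added C example that runs against a normal process's own address space. This is not code from the paper or the researchers' toolkit: the function names, the retry count and the abort marker are this example's own choices, and the real attack issues the same transactions from inside an enclave against host memory. It assumes an x86 CPU with TSX/RTM enabled and GCC or clang; on any other machine the probes report -1 rather than guess.

```c
/* Added example: host-process analog of the TAP and CLAW probes.  Not code
 * from the paper.  Requires x86 with TSX/RTM enabled; elsewhere probes
 * return -1 (unsupported) instead of guessing. */
#define _GNU_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#include <immintrin.h>

#define PROBE_RETRIES 16   /* transactions also abort for unrelated reasons (interrupts, cache conflicts) */
#define CLAW_CODE     0x2A /* arbitrary marker passed to XABORT so we can recognise our own abort */

/* CPUID.(EAX=7,ECX=0):EBX bit 11 = RTM.  Microcode (IA32_TSX_CTRL) can still force
 * every transaction to abort, so tsx_usable() also calibrates on known-good memory. */
static int cpu_has_rtm(void) {
    unsigned a, b, c, d;
    return __get_cpuid_count(7, 0, &a, &b, &c, &d) && ((b >> 11) & 1);
}

/* TAP: touch one byte inside a transaction.  An unreadable address makes the
 * CPU abort the transaction instead of raising a page fault, so the kernel
 * never sees the probe; _xbegin() just returns a non-STARTED status. */
__attribute__((target("rtm")))
static int tap_probe_read(const void *addr) {
    for (int i = 0; i < PROBE_RETRIES; i++) {
        if (_xbegin() == _XBEGIN_STARTED) {
            uint8_t v = *(volatile const uint8_t *)addr;  /* a fault here becomes a silent abort */
            _xend();
            (void)v;
            return 1;
        }
    }
    return 0;  /* never completed: not readable (or not present, see demo_probe_pages) */
}

/* CLAW: write inside a transaction, then abort it ourselves.  Only a writable
 * page lets execution reach _xabort(), whose status carries the EXPLICIT flag
 * and our marker; a read-only or unmapped page faults first and aborts without
 * EXPLICIT.  Either way the write is rolled back and leaves no trace. */
__attribute__((target("rtm")))
static int claw_probe_write(void *addr) {
    for (int i = 0; i < PROBE_RETRIES; i++) {
        unsigned status = _xbegin();
        if (status == _XBEGIN_STARTED) {
            *(volatile uint8_t *)addr = 0;  /* discarded by the abort below */
            _xabort(CLAW_CODE);
        }
        if ((status & _XABORT_EXPLICIT) && _XABORT_CODE(status) == CLAW_CODE)
            return 1;
    }
    return 0;
}

/* RTM must be advertised AND a probe of memory we just wrote must succeed. */
static int tsx_usable(void) {
    volatile uint8_t canary = 1;  /* stack page: certainly present and readable */
    return cpu_has_rtm() && tap_probe_read(&canary) == 1;
}
#else  /* not x86: nothing to probe with */
static int tsx_usable(void) { return 0; }
static int tap_probe_read(const void *addr) { (void)addr; return 0; }
static int claw_probe_write(void *addr) { (void)addr; return 0; }
#endif

/* Public probes: 1 accessible, 0 not accessible, -1 TSX unusable on this machine. */
int tap_read(const void *addr) { return tsx_usable() ? tap_probe_read(addr) : -1; }
int claw_write(void *addr)     { return tsx_usable() ? claw_probe_write(addr) : -1; }

/* Maps three pages (RW, read-only, no access) and checks every probe against
 * the known permissions.  Returns 1 if all six agree, 0 if TSX is unusable,
 * -1 on a mismatch.  The pages are written before being restricted: TSX sees
 * page-table state, so a mapped but never-touched page aborts exactly like an
 * unmapped one and would read as inaccessible, a real limitation of TAP. */
int demo_probe_pages(void) {
    if (!tsx_usable()) return 0;
    long pg = sysconf(_SC_PAGESIZE);
    uint8_t *m = mmap(NULL, 3 * pg, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return -1;
    memset(m, 0xCC, 3 * pg);                 /* fault all three pages in */
    mprotect(m + pg,     pg, PROT_READ);     /* page 1: read-only */
    mprotect(m + 2 * pg, pg, PROT_NONE);     /* page 2: not present */
    int ok = tap_read(m) == 1 && tap_read(m + pg) == 1 && tap_read(m + 2 * pg) == 0
          && claw_write(m) == 1 && claw_write(m + pg) == 0 && claw_write(m + 2 * pg) == 0;
    munmap(m, 3 * pg);
    return ok ? 1 : -1;
}
```

The calibration step matters in practice: the IA32_TSX_CTRL microcode control can leave RTM advertised in CPUID while every transaction aborts immediately, which without calibration would make all of memory look unmapped. The demo also shows the limitation a practitioner should know about before trusting a TAP scan: the transaction observes the hardware page-table state, not the operating system's view of the mapping, so demand-paged memory that has never been touched reads as inaccessible.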
Once the malware is inside an enclave, SGX's confidentiality and integrity guarantees work in its favour: neither researchers nor security products can read or modify enclave memory, so the malware cannot be inspected, scanned or patched from the outside.
“Moreover, there’s a potential threat of next-generation ransomware which securely keeps encryption keys inside the enclave and, if implemented correctly, prevents ransomware recovery tools,” the academics explain.
The researchers also built a proof-of-concept exploit that bypassed ASLR, stack canaries and address sanitizer to “run ROP gadgets in the host context enabling practical enclave malware”; the entire attack took 20.8 seconds.