Intel SGX technology used by researchers to create malware that cannot be detected by Antivirus

Intel SGX technology provides that it is possible to create enclaves, or memory areas inaccessible from the outside where you can store data and program code whose security is essential. However, this system can also be used for malicious purposes, as some Austrian security researchers have found. Using Intel SGX technology, it is possible to create malware that cannot be detected by antivirus.

Intel SGX (Software Guard eXtensions) is the name given to a feature introduced with Skylake architecture processors. This functionality requires that the data and the code of a program be locked up in an enclave which no other program can access, so as to guarantee the confidentiality and integrity of the program and its data. This enclave is created through transparent (ie invisible to the program) encryption of the contents in RAM, which makes the content of the enclave accessible only by the code inside it.

In principle, Intel SGX technology offers the possibility for developers to protect their programs, both in traditional conditions and in the cloud, where not even having physical access to the machine can access the code. In general, any application that requires a particular degree of security and privacy (for example: the management of biometric data) can benefit from the use of technology.

The problem is that you can also develop malicious programs that use SGX: in this way, the programs are completely safe from any form of security such as antivirus. Just as legitimate programs can protect themselves from the look of other programs using encryption, so can programs with negative intent.

The problem is that the code in the enclave can, instead, act on what is outside it, although it cannot perform actions such as reading from or writing to disk. Using specific instructions, programs can implement transactions: they can then read and write to memory locations so that these readings and writes are seen as atomic (even if they are not at the implementation level): this means they are completely successful, and readings and scripts occur without problems, or do not happen at all. There are no middle ways, in which the read data may have been changed in the meantime or there may have been overwriting.

An additional advantage of these transactions is that in the event of an error, for example: if invalid memory addresses are accessed, the program does not crash as it normally would, but simply re-enters an error that must be handled by the program itself.

This allows you to modify a program outside the encoder to execute the desired code. This allows to build malware like ransomware, with the certainty of its total effectiveness: in this last case, it would be possible to build a ransomware that encrypts the contents of the disk keeping the encryption key hidden in the enclave. Not the perfect crime, but almost.

In order to develop and execute code that exploits Intel SGX technology, it is necessary to make an agreement with Intel, which issues a certificate that can be used to allow the processor to accept code loading in an enclave.

In theory, this would prevent the situation outlined above from happening, but the researchers found that by writing a simple program that loads the code from the disk, this limitation can be avoided, since no checks are made on what is loaded by the program.

It is possible to circumvent the limitations of Intel using badly written code to make it load malicious programs that can damage the system. This is made even more dangerous by the fact that with the eighth generation (and later) processors, it is not necessary to have an Intel certificate in order to create an enclave.

Intel responded by saying that the behavior detected by the researchers is in line with the specifications: it is not a bug, but an incorrect application of the technology that does not fit into its purpose or its specifications and cannot be corrected.

Although currently unlikely that an attack will be carried out in these ways, the way in which this type of flaws will be used is difficult to predict and raises serious doubts about how to protect yourself from this type of attack.