Researchers hide malware in Intel SGX enclaves
#1
Quote: Research team also publish proof-of-concept code for enclave malware on GitHub.

A team of academics has found a way to abuse Intel SGX enclaves to hide malicious code from security software and to allow the creation of what researchers are calling "super-malware."

Intel Software Guard eXtensions (SGX) is a feature found in all modern Intel CPUs that allows developers to isolate applications in secure "enclaves."

The enclaves work in a hardware-isolated section of the CPU's processing memory where applications can run operations that deal with extremely sensitive details, such as encryption keys, passwords, user data, and more.

Until today, the only known vulnerabilities impacting SGX enclaves had been side-channel attacks that leaked the data being processed inside an enclave, revealing an app's secrets.

But in a research paper published today, security researchers showed that SGX enclaves could be used as a place to hide undetectable malware.

