Researchers use Intel SGX to put malware beyond the reach of antivirus software

As well as making malware in general harder to examine, bad actors could use this protection to, for example, write ransomware applications that never disclose their encryption keys in readable memory, making it substantially harder to recover from attacks.The research, performed at Graz University of Technology by Michael Schwarz, Samuel Weiser, and Daniel Gruss (one of the researchers behind last year's Spectre attack), uses a feature that Intel introduced with its Skylake processors called SGX ("Software Guard eXtensions"). The processor governs access to the enclave memory: any attempt to access the enclave's memory from code outside the enclave is blocked; the decryption and encryption only occurs for the code within the enclave.SGX has been promoted as a solution to a range of security concerns when a developer wants to protect code, data, or both, from prying eyes. As such, naively it would appear that a hypothetical SGX-based ransomware application would need considerable code outside the SGX enclave: the pieces to enumerate all your documents, read them, and overwrite them with their encrypted versions would not be protected. Indeed, an enclave could be entirely benign but contain exploitable flaws that allow attackers to inject their malicious code inside; SGX doesn't protect against plain-old coding errors.This particular aspect of SGX has been widely criticized, as it makes Intel a gatekeeper of sorts for all SGX applications. Accordingly, second-generation SGX systems (which includes certain processors branded eighth-generation or newer) relax this restriction, making it possible to start enclaves that aren't signed by Intel's whitelisted signers.As such, the research shows that SGX can be used in a way that isn't really supposed to be possible: malware can reside within a protected enclave such that the unencrypted code of that malware is never exposed to the host operating system, including antivirus software.