Recently, a new power-based side-channel attack named Platypus was discovered by researchers at the Institute of Applied Information Processing and Communications at the Graz University of Technology. The name of this cyber-attack is an acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets.”
The first passive attack of its kind, Platypus exploits fluctuations in power consumption to extract sensitive data, such as cryptographic keys, from devices including desktop PCs, laptops, and cloud computing servers from Intel and AMD.
- According to the research team that discovered this cyber-attack, Platypus attacks are much more effective on Linux-based systems, though they are also possible on Windows and macOS.
- The attack lets attackers steal data through a power side channel, by exploiting fluctuations in power consumption, without any physical access.
Researchers and their experimentation
- The researchers used two key approaches: the first was the RAPL (Running Average Power Limit) interface, and the second was Intel’s security function Software Guard Extensions (SGX).
- By combining these two approaches and observing RAPL power consumption values, the researchers demonstrated methods to bypass KASLR, to retrieve data from the Linux kernel, and to retrieve data being processed inside Intel SGX secure enclaves.
Resolving the threat
- According to an advisory released by Intel, microcode and Linux driver updates block Platypus attacks for the CVE-2020-8694 (Linux+Intel) and CVE-2020-8695 (Intel) vulnerabilities.
- In ARM-based devices, researchers have observed leakage through energy consumption, in addition to power consumption. AMD has updated the RAPL interface for CVE-2020-12912 (Linux+AMD).
Software-based power side-channel attacks are particularly powerful due to the zero-stepping capabilities of a privileged attacker. Additionally, other processor vendors are likely impacted by the Platypus attack, as they include a RAPL interface with their products. To prevent any possible Platypus cyber-attack, our internal experts suggest that users adopt and apply the solutions developed by vendors as early as possible.
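One way to confirm that the Linux driver update mentioned above is in effect (an added example, not code from the researchers, Intel or eScan): the Linux mitigation for CVE-2020-8694 makes the powercap RAPL energy counters readable by root only, so this shell function flags any `energy_uj` file that is still group- or world-readable. The `/sys/class/powercap` default and the function names are assumptions of this example, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example: audit read permissions on RAPL energy counters.
# Assumption: the powercap driver exposes them as <root>/<zone>/energy_uj,
# with <root> defaulting to /sys/class/powercap.

# Prints "EXPOSED|OK <mode> <path>" per counter. Returns 0 if all are
# owner-only, 1 if any is group/world readable, 2 if none were found.
audit_rapl_perms() {
    root=${1:-/sys/class/powercap}
    found=0
    exposed=0
    for f in "$root"/*/energy_uj; do
        [ -e "$f" ] || continue              # glob matched nothing
        mode=$(stat -L -c '%a' "$f") || continue
        found=1
        # A group or other read bit lets unprivileged users sample power.
        if [ $(( 0$mode & 044 )) -ne 0 ]; then
            exposed=1
            echo "EXPOSED $mode $f"
        else
            echo "OK $mode $f"
        fi
    done
    [ "$found" -eq 1 ] || return 2
    return "$exposed"
}

# Constructed stand-in for sysfs so the check can be exercised on a
# machine without RAPL: one zone restricted, one still world-readable.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/intel-rapl:0" "$dir/intel-rapl:1"
    echo 123456 > "$dir/intel-rapl:0/energy_uj"
    echo 654321 > "$dir/intel-rapl:1/energy_uj"
    chmod 0400 "$dir/intel-rapl:0/energy_uj"   # root-only, as after the fix
    chmod 0444 "$dir/intel-rapl:1/energy_uj"   # readable by every user
    echo "$dir"
}
```

Source the file and call `audit_rapl_perms` with no argument to check the live system; a return status of 1 means at least one counter is still readable without root.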