A newly disclosed vulnerability, named the WireTap attack, allows attackers with physical access to break the security of Intel’s Software Guard eXtensions (SGX) on modern server processors and steal sensitive information.
A research paper released in October 2025 details how this method can extract cryptographic keys from supposedly secure SGX enclaves using a low-cost setup, challenging the foundational trust placed in these hardware-based security environments.
The attack undermines the confidentiality and integrity guarantees of SGX, a technology widely used to protect sensitive data and computation, even from privileged software.
The researchers demonstrated that physical attacks, once believed to require expensive and specialized equipment, can now be executed by hobbyists on a budget of less than $1,000.
WireTap Attack
The core of the WireTap attack is a custom-built memory interposition probe that physically taps into the DRAM bus, allowing the attacker to observe the data moving between the CPU and the system’s memory.
The researchers constructed this tool using readily available components from second-hand electronic marketplaces, including a simple DIMM riser board, tweezers, and a soldering iron.
A key innovation was slowing down the system’s high-speed DDR4 memory bus. By modifying the DIMM’s metadata, the researchers forced the system to operate at a much lower frequency.
This crucial step made it possible to capture the data traffic using outdated and inexpensive logic analyzers not originally designed for modern hardware.
This approach shatters the long-held assumption that physical memory attacks on server-grade systems were out of reach for all but the most well-funded adversaries.
The attack specifically targets Scalable SGX, the version used in Intel’s Xeon server processors, which relies on a deterministic memory encryption scheme called AES-XTS.
Unlike older SGX implementations, this scheme produces the same ciphertext whenever the same data is written to the same physical memory address.
The WireTap setup allows attackers to observe these encrypted memory transactions in real-time. By carefully controlling an SGX enclave and forcing it to perform cryptographic operations, the researchers were able to mount a ciphertext side-channel attack.
They observed the encrypted memory traffic during the generation of an ECDSA signature, a process used for SGX attestation. This allowed them to build a dictionary of ciphertexts and recover the secret nonce used in the signing operation.
With the nonce and the public signature, they successfully extracted the machine’s private DCAP attestation key from a fully trusted server in under 45 minutes.
The consequences of extracting an SGX attestation key are severe, particularly for the blockchain and Web3 ecosystems that rely on SGX for security.
Many decentralized networks, with market caps totaling hundreds of millions of dollars, use SGX to ensure confidential transactions and the integrity of computation.
The researchers demonstrated end-to-end attacks on several real-world SGX deployments. For privacy-preserving smart contract networks like Phala and Secret, a compromised key would allow an attacker to forge quotes, run malicious enclaves, and extract master keys, enabling network-wide decryption of confidential transactions.
On decentralized storage networks like Crust, an attacker could fake proofs of storage, allowing them to claim financial rewards without actually storing any data, thereby breaking the system’s integrity guarantees. The researchers have disclosed their findings to Intel and the affected blockchain projects.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
