Microsoft Defender for Endpoint (MDE), the enterprise version of the Windows 10 Defender antivirus platform, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT).
Intel TDT is part of the chip maker’s Hardware Shield's suite of capabilities that’s available on the Intel vPro and Intel Core platforms.
TDT runs low-level hardware telemetry collected from the CPU's performance monitoring unit (PMU) through machine learning models that have been trained to detect cryptomining malware.
- These are the best endpoint protection tools
- Check our list of the best firewall apps and services
- Here’s our collection of the best disaster recovery services
“We’re working closely with chipmakers to always explore new possibilities for hardware-based defense hardening and deliver robust and resilient protection against cyber threats,” wrote the MDE Team in a post announcing the new capability.
Complete remediation
Explaining the effectiveness of TDT, Intel said that in a typical cryptomining attack, malware indulges in activities, such as mining cryptocurrencies, that use a computer’s resources, which puts it under extreme duress.
This can slow down the computer to a crawl in the short terms, and permanently damage the hardware in the long run.
What makes it even worse is that some cryptojacking scripts have worming capabilities, which can be used to infect devices and servers across a network, warns Intel.
Once it detects such unauthorized cryptomining activity, TDT will send a high-fidelity signal to MDE in order to trigger remediation steps to neutralize the activity and prevent the malware from spreading across the network.
“Even though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware. Intel TDT already has the capabilities for such scenarios, and machine learning can be trained to recognize these attack vectors,” explain the MDE team.
- Protect your devices with these best antivirus software
Via BleepingComputer
