Microsoft Defender now blocks even more nasty crypto malware

News
By Mayank Sharma
published

Will be expanded to curb other threats as well, says Microsoft

Scammers
(Image credit: Pixabay)

Microsoft Defender for Endpoint (MDE), the enterprise version of the Windows 10 Defender antivirus platform, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT).

Intel TDT is part of the chip maker’s Hardware Shield's suite of capabilities that’s available on the Intel vPro and Intel Core platforms. 

TDT runs low-level hardware telemetry collected from the CPU's performance monitoring unit (PMU) through machine learning models that have been trained to detect cryptomining malware.

TechRadar needs yo...

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

“We’re working closely with chipmakers to always explore new possibilities for hardware-based defense hardening and deliver robust and resilient protection against cyber threats,” wrote the MDE Team in a post announcing the new capability.

Complete remediation

Explaining the effectiveness of TDT, Intel said that in a typical cryptomining attack, malware indulges in activities, such as mining cryptocurrencies, that use a computer’s resources, which puts it under extreme duress. 

This can slow down the computer to a crawl in the short terms, and permanently damage the hardware in the long run.

What makes it even worse is that some cryptojacking scripts have worming capabilities, which can be used to infect devices and servers across a network, warns Intel. 

Microsoft Windows Defender for Endpoint

(Image credit: Microsoft)

Once it detects such unauthorized cryptomining activity, TDT will send a high-fidelity signal to MDE in order to trigger remediation steps to neutralize the activity and prevent the malware from spreading across the network.

“Even though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware. Intel TDT already has the capabilities for such scenarios, and machine learning can be trained to recognize these attack vectors,” explain the MDE team.

Via BleepingComputer

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.