Microsoft Defender for Endpoint (MDE), the enterprise version of the Windows 10 (opens in new tab) Defender antivirus platform, now comes with support for blocking cryptojacking malware using Intel (opens in new tab)'s silicon-based Threat Detection Technology (TDT) (opens in new tab).
Intel TDT is part of the chip maker’s Hardware Shield's suite of capabilities that’s available on the Intel vPro and Intel Core platforms.
TDT runs low-level hardware telemetry collected from the CPU's performance monitoring unit (PMU) through machine learning models that have been trained to detect cryptomining malware (opens in new tab).
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
>> Click here to start the survey in a new window (opens in new tab)<<
- These are the best endpoint protection tools (opens in new tab)
- Check our list of the best firewall apps and services (opens in new tab)
- Here’s our collection of the best disaster recovery services (opens in new tab)
“We’re working closely with chipmakers to always explore new possibilities for hardware-based defense hardening and deliver robust and resilient protection against cyber threats,” wrote the MDE Team in a post announcing the new capability.
Explaining the effectiveness of TDT, Intel said that in a typical cryptomining attack, malware indulges in activities, such as mining cryptocurrencies (opens in new tab), that use a computer’s resources, which puts it under extreme duress.
This can slow down the computer to a crawl in the short terms, and permanently damage the hardware in the long run.
What makes it even worse is that some cryptojacking scripts have worming capabilities, which can be used to infect devices and servers across a network, warns Intel.
Once it detects such unauthorized cryptomining activity, TDT will send a high-fidelity signal to MDE in order to trigger remediation steps to neutralize the activity and prevent the malware from spreading across the network.
“Even though we have enabled this technology specifically for cryptocurrency (opens in new tab) mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware. Intel TDT already has the capabilities for such scenarios, and machine learning can be trained to recognize these attack vectors,” explain the MDE team.
- Protect your devices with these best antivirus software (opens in new tab)
Via BleepingComputer (opens in new tab)