Microsoft has partnered with Intel to introduce anti-cryptojacking protection through Microsoft Defender for Endpoint. As a part of this, Microsoft will be implementing Intel’s TDT — the Threat Detection Technology — onto Microsoft Defender for Endpoint, which offers a comprehensive set of security features now.
Defending against Cryptojacking
In the past five years, there has been a noticeable increase in cryptojacking attacks, in which attackers are found to gain unauthorized access to computers and use the resources for cryptocurrency mining. Several studies have also warned people about the need to defend their devices from these threats.
In its official blog post, Microsoft has explained how the Intel TDT has been integrated into Windows Defender to detect and block cryptojacking and cryptojacking over ransomware attacks. The integrated system will be going through the system files for potential issues and flagging mining malware, crypto-based ransomware, and other threats.
Microsoft says Intel TDT uses a multi-step process to detect and confirm the presence of such malware, sourcing the information from low-level hardware telemetry. The feature uses only CPU resources, but the company added that it would integrate GPU offloading options soon.
At its core, the system uses a minute-level analysis of the processing tasks in the CPU. Then, by skillfully predicting the total numbers and the threshold, the TDT can let the OS know about the problem. After this point, Windows Defender for Endpoint will take over and block/remove the malicious element.
Microsoft also added that the integration uses the best possibilities of Artificial Intelligence and Machine Learning. In the blog post, the company also added that the Intel TDT protection could be extended to virtual machines and other containers that users may rely on.
It is also worth noting that the cryptojacking defense in Microsoft Defense does not require any dedicated hardware. It does not even require the latest processors. If you are running Windows on a device that uses an Intel Core processor and the Intel vPro platform, this feature will work natively. However, the CPU has to be a 6th-generation one or later.
