Intel, Microsoft team against cryptojacking

April 28, 2021 // By Rich Pell
Intel, Microsoft team against cryptojacking
Tech giants Intel and Microsoft have announced that Microsoft's complete endpoint security solution - Microsoft Defender for Endpoint - has expanded its use of Intel Threat Detection Technology (Intel TDT) beyond accelerated memory scanning capabilities to activate central processing unit (CPU) based cryptomining machine learning (ML) detection.

Malicious cryptomining - or cryptojacking - where cybercriminals install malware into business and personal computers, laptops, and mobile devices to "hijack" a computer's power and resources to mine for cryptocurrencies or steal cryptocurrency wallets can slow computers dramatically and keep them from operating normally. Some cryptojacking scripts have worming capabilities that allow them to infect other devices and servers on a network.

By leveraging Intel Threat Detection Technology, Microsoft Defender for Endpoint gains full stack visibility to detect advanced threats, such as cryptojacking, and can remediate the attacks before a user's PC is affected. This move, say the companies, further accelerates endpoint detection and response for millions of customers without compromising experience.

"This is a true inflection point for the security industry as well as our SMB, mid-market and enterprise customers that have rapidly adopted Windows 10 with built-in endpoint protections," says Michael Nordquist, senior director of Strategic Planning and Architecture in the Business Client Group at Intel. "Customers who choose Intel vPro with the exclusive Intel Hardware Shield now gain full-stack visibility to detect threats out of the box with no need for IT configuration. The scale of this CPU-based threat detection rollout across customer systems is unmatched and helps close gaps in corporate defenses."

Intel TDT, part of Intel Hardware Shield's suite of advanced capabilities on Intel vPro and also available on Intel Core platforms, equips endpoint detection and response (EDR) solutions with CPU heuristics for advanced memory scanning, cryptojacking, and ransomware detection. With nearly a billion Intel TDT-capable PCs in the market, says the company, these are the only CPU-based malware behavior-monitoring capabilities in market that go beyond signature and file-based techniques.

Intel TDT helps endpoint security solutions harness CPU telemetry and hardware acceleration to help identify threats and detect anomalous activity. It uses a combination of CPU telemetry and machine learning (ML) heuristics to detect specific behavior.

The CPU performance monitoring unit (PMU) sits below the

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.