Malicious cryptomining, or cryptojacking, is where cybercriminals install malware on business and personal computers, laptops, and mobile devices to "hijack" a computer's power and resources to mine for cryptocurrencies or steal cryptocurrency wallets. It can slow computers dramatically and keep them from operating normally. Some cryptojacking scripts have worming capabilities that allow them to infect other devices and servers on a network.
By leveraging Intel Threat Detection Technology, Microsoft Defender for Endpoint gains full stack visibility to detect advanced threats, such as cryptojacking, and can remediate the attacks before a user's PC is affected. This move, say the companies, further accelerates endpoint detection and response for millions of customers without compromising experience.
"This is a true inflection point for the security industry as well as our SMB, mid-market and enterprise customers that have rapidly adopted Windows 10 with built-in endpoint protections," says Michael Nordquist, senior director of Strategic Planning and Architecture in the Business Client Group at Intel. "Customers who choose Intel vPro with the exclusive Intel Hardware Shield now gain full-stack visibility to detect threats out of the box with no need for IT configuration. The scale of this CPU-based threat detection rollout across customer systems is unmatched and helps close gaps in corporate defenses."
Intel TDT, part of Intel Hardware Shield's suite of advanced capabilities on Intel vPro and also available on Intel Core platforms, equips endpoint detection and response (EDR) solutions with CPU heuristics for advanced memory scanning, cryptojacking, and ransomware detection. With nearly a billion Intel TDT-capable PCs in the market, says the company, these are the only CPU-based malware behavior-monitoring capabilities on the market that go beyond signature and file-based techniques.
Intel TDT helps endpoint security solutions harness CPU telemetry and hardware acceleration to help identify threats and detect anomalous activity. It uses a combination of CPU telemetry and machine learning (ML) heuristics to detect specific behavior.
The CPU performance monitoring unit (PMU) sits below the