Microsoft Defender now blocks even more nasty crypto malware
Will be expanded to curb other threats as well, says Microsoft
Microsoft Defender for Endpoint (MDE), the enterprise version of the Windows 10 Defender antivirus platform, now comes with support for blocking cryptojacking malware using Intel’s silicon-based Threat Detection Technology (TDT).
Intel TDT is part of the chip maker’s Hardware Shield suite of capabilities that’s available on the Intel vPro and Intel Core platforms.
TDT runs low-level hardware telemetry collected from the CPU’s performance monitoring unit (PMU) through machine learning models that have been trained to detect cryptomining malware.
“We’re working closely with chipmakers to always explore new possibilities for hardware-based defense hardening and deliver robust and resilient protection against cyber threats,” wrote the MDE Team in a post announcing the new capability.
Complete remediation
Explaining the effectiveness of TDT, Intel said that in a typical cryptomining attack, the malware carries out activities, such as mining cryptocurrencies, that consume a computer’s resources and put it under extreme duress.
This can slow the computer down to a crawl in the short term, and permanently damage the hardware in the long run.
What makes it even worse is that some cryptojacking scripts have worming capabilities, which can be used to infect devices and servers across a network, warns Intel.
Once it detects such unauthorized cryptomining activity, TDT will send a high-fidelity signal to MDE in order to trigger remediation steps to neutralize the activity and prevent the malware from spreading across the network.
“Even though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware. Intel TDT already has the capabilities for such scenarios, and machine learning can be trained to recognize these attack vectors,” explain the MDE team.
Via BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.