Intel cooperates with Microsoft to defend against cryptojacking

Intel and Microsoft will jointly launch a new cooperative project to help small and medium-sized enterprises guard against network security threats, such as computers being hijacked by hackers for cryptocurrency mining.

This new protection measure will be built into Microsoft Defender for Endpoint, and it requires a 6th generation or newer Intel vPro or Core processor. Specifically, it uses Intel's Threat Detection Technology (TDT) to detect mining activity on the system by means of machine learning.

In its official press release, Intel stated that as virtual currencies slowly move toward the mainstream, cybercriminals will shift their focus from ransomware to mining hijacking (cryptojacking). According to Intel, the number of malicious mining software attacks in the fourth quarter of 2020 increased by 53% compared to the third quarter.

Like any ordinary mining program, cryptojacking malware takes up a lot of computer resources, which can greatly slow the computer down. Intel believes that some cryptojacking malware can spread through the intranet, which would be a disaster for large companies with thousands of devices.

Intel's TDT will use machine learning and telemetry to accurately identify suspicious activity. When cryptojacking is detected, the user will receive a message in Windows Defender.

Karthik Selvaraj, the chief research officer of the Microsoft 365 Defender research team, stated in another press release:

Even though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware. Intel TDT already has the capabilities for such scenarios, and machine learning can be trained to recognize these attack vectors.

At present, this feature can only be used on systems that use Intel's 6th generation vPro or some Core processors and that have the Microsoft Enterprise Protection Suite installed. It is not clear whether it will be extended to ordinary users or to users of other CPUs in the future.