
Microsoft Defender Integrates Intel Cryptomining Detection

Microsoft Defender for Endpoint now leverages Intel Threat Detection Technology (TDT) for CPU-based cryptomining malware detection, according to a prepared statement.

TDT ensures a high-fidelity signal is sent any time cryptomining or other malicious activities are detected in a PC equipped with Defender for Endpoint, Intel noted. In this instance, TDT triggers remediation workflows in Defender for Endpoint to protect an infected PC and prevent lateral movement across a network.

Defender for Endpoint with TDT also uses CPU telemetry and machine learning heuristics to help organizations identify cyber threats and suspicious activities, Intel indicated. In doing so, it can provide insights into active threats across organizations' IT environments.

What Is Cryptojacking?

Cryptojacking refers to malicious cryptomining in which cybercriminals install malware on business and personal computers, laptops and mobile devices, Intel stated.

During a cryptomining attack, malware uses a computer's power and resources to mine for cryptocurrencies or steal cryptocurrency wallets, Intel indicated. As such, the attack can hamper a computer's performance and prevent it from operating normally.

Also, some cryptojacking scripts have worming capabilities, Intel said. These scripts can be used to infect devices and servers across a network.

Meanwhile, nearly 5,400 cryptocurrencies with a total market capitalization of $201 billion were traded in April 2020, Intel reported. As the values of cryptocurrencies rise, cybercriminals may increasingly shift their focus from ransomware to cryptojacking.

How to Guard Against Cryptojacking Attacks

It can be difficult for organizations to identify cryptojacking attacks in their early stages, according to data security company Varonis. But there are several things that organizations can do to guard against these attacks, such as:

  • Teach employees about cryptojacking and the dangers associated with it
  • Install ad blockers and anti-cryptomining browser extensions
  • Conduct ongoing malware scans

Organizations also can partner with MSSPs to protect against cryptojacking attacks. MSSPs can provide security services, tips and recommendations to help organizations guard against cryptojacking and other cyber threats.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.