Endpoint/Device Security, Channel partners, Content

Microsoft Defender Integrates Intel Cryptomining Detection


Microsoft Defender for Endpoint now leverages Intel Threat Detection Technology (TDT) for CPU-based cryptomining malware detection, according to a prepared statement.

TDT ensures a high-fidelity signal is sent any time cryptomining or other malicious activities are detected in a PC equipped with Defender for Endpoint, Intel noted. In this instance, TDT triggers remediation workflows in Defender for Endpoint to protect an infected PC and prevent lateral movement across a network.

Defender for Endpoint with TDT also uses CPU telemetry and machine learning heuristics to help organizations identify cyber threats and suspicious activities, Intel indicated. In doing so, it can provide insights into active threats across organizations' IT environments.

What Is Cryptojacking?

Cryptojacking refers to malicious cryptomining in which cybercriminals install malware into business and personal computers, laptops and mobile devices, Intel stated.

During a cryptomining attack, malware uses a computer's power and resources to mine for cryptocurrencies or steal cryptocurrency wallets, Intel indicated. As such, the attack can hamper a computer's performance and prevent it from operating normally.

Also, some cryptojacking scripts have worming capabilities, Intel said. These scripts can be used to infect devices and servers across a network.

Meanwhile, nearly 5,400 cryptocurrencies with a total market capitalization of $201 billion were traded in April 2020, Intel reported. As the values of cryptocurrencies rise, cybercriminals may increasingly shift their focus from ransomware to cryptojacking.

How to Guard Against Cryptojacking Attacks

It can be difficult for organizations to identify cryptojacking attacks in their early stages, according to data security company Varonis. But, there are several things that organizations can do to guard against these attacks, such as:

  • Teach employees about cryptojacking and the dangers associated with it
  • Install ad blockers and anti-cryptomining browser extensions
  • Conduct ongoing malware scans

Organizations also can partner with MSSPs to protect against cryptojacking attacks. MSSPs can provide security services, tips and recommendations to help organizations guard against cryptojacking and other cyber threats.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.