Intel and Microsoft: together against hidden mining

Shadow mining, also known as cryptojacking, is a malicious practice that involves secretly using the computing resources of unsuspecting users to mine cryptocurrency. This can lead to performance degradation, increased power consumption, overheating, and even hardware damage. According to a report by Kaspersky, shadow mining attacks increased by 400% in 2018, affecting millions of devices around the world.

To combat this threat, Intel and Microsoft have joined forces to develop a new solution that leverages Intel's hardware-based security features and Microsoft's software-based detection capabilities. The solution, called Intel Threat Detection Technology (Intel TDT), is designed to enhance the existing Windows Defender Advanced Threat Protection (Windows Defender ATP) service and provide a more robust and efficient way to detect and block hidden mining activities.

Intel TDT uses two main components: Accelerated Memory Scanning (AMS) and Advanced Platform Telemetry (APT). AMS allows Windows Defender ATP to scan system memory for malware signatures using Intel's integrated graphics processor, instead of the main CPU. This reduces the impact on performance and power consumption, while increasing scanning speed and coverage. APT leverages Intel's platform-level telemetry data to provide behavioral analysis and anomaly detection for shadow mining and other advanced threats. APT also helps reduce false positives and improve threat identification accuracy.

By combining Intel TDT with Windows Defender ATP, Intel and Microsoft aim to provide a comprehensive, proactive security solution that can protect users from shadow mining and other sophisticated attacks. The solution is expected to be available for Windows 10 devices with Intel processors later this year.

Cryptojacking: How Microsoft and Intel want to protect your PC from unwanted mining

Mining cryptocurrency is a legitimate way to earn extra income from your computer. However, there is a growing threat of malicious software that hijacks your PC and uses it to mine without your consent. This practice, known as cryptojacking, can slow down your system, increase your electricity bill, and expose you to security risks. To combat this problem, Microsoft and Intel have teamed up to offer a new solution that harnesses the power of Windows 10 and Intel processors.

The solution consists of two components: Microsoft Defender, the antivirus software built into Windows 10, and Intel Threat Detection Technology (TDT), a feature that uses the integrated graphics unit (iGPU) on Intel processors with vPro to analyze telemetry data with machine learning. In this way, the solution can detect hidden mining programs that try to evade traditional detection methods. When cryptojacking is detected, the solution notifies the operating system, which then instructs Microsoft Defender to quarantine or terminate the malicious process.

This solution is available for Intel processors from the Skylake generation, but only works with laptops that have 10th generation (Ice Lake) or later Core processors. The TDT function is also exclusive to the 10th generation or later. Older processors cannot be upgraded to support this feature. Additionally, the solution is only compatible with the enterprise version of Microsoft Defender (Microsoft Defender for Endpoint). Users with Windows 10 Home will not be able to activate this protection and will have to resort to other methods to avoid cryptojacking, such as monitoring CPU usage in Task Manager.
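
The manual fallback mentioned above, watching CPU usage, can be expressed as a simple check that flags a process only when its load stays high across many consecutive samples, so short bursts are ignored. This is an added example, not code from Intel or Microsoft and not how Intel TDT works; the sample data, process names, threshold and window length are constructed assumptions.

```python
from collections import defaultdict


def _series(pid, name, loads):
    """Build constructed samples: (interval index, pid, name, CPU %)."""
    return [(i, pid, name, load) for i, load in enumerate(loads)]


# Constructed data: one sample per process per 10-second interval.
SAMPLES = (
    _series(4120, "updater.exe", [92, 95, 94, 96, 93, 95, 94, 96])    # steady load
    + _series(2288, "compiler.exe", [98, 97, 12, 5, 99, 96, 8, 3])    # short bursts
    + _series(1044, "browser.exe", [20, 35, 85, 40, 15, 22, 30, 18])  # one spike
)


def sustained_cpu(samples, threshold=80.0, min_run=6):
    """Return {(pid, name): longest run} for processes whose CPU stayed at or
    above `threshold` for at least `min_run` consecutive intervals."""
    by_proc = defaultdict(list)
    for interval, pid, name, load in samples:
        by_proc[(pid, name)].append((interval, load))

    flagged = {}
    for proc, points in by_proc.items():
        points.sort()
        longest = run = 0
        prev = None
        for interval, load in points:
            # A missing interval (process absent from a sample) breaks the run.
            contiguous = prev is not None and interval == prev + 1
            if load >= threshold:
                run = run + 1 if contiguous else 1
            else:
                run = 0
            longest = max(longest, run)
            prev = interval
        if longest >= min_run:
            flagged[proc] = longest
    return flagged


if __name__ == "__main__":
    for (pid, name), run in sustained_cpu(SAMPLES).items():
        print(f"pid {pid} {name}: {run} consecutive intervals at or above threshold")
```

A fixed CPU threshold misses workloads that stay below it, so a hit is a prompt to investigate the process, not a verdict.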