Microsoft and Intel sharpen detection of hidden crypto miners

A corporate deployment of Microsoft Defender for Endpoint now includes Intel’s threat-detection technology for rapid detection of crypto-mining malware.

With cryptocurrency mining on the rise, attackers have pivoted from using ransomware to cryptojacking. Learn how Microsoft and @Intel have partnered to better detect crypto mining malware using Microsoft Defender for Endpoint: https://t.co/59JAO2lDHg

— Microsoft Security (@msftsecurity) April 26, 2021

Intel Threat Detection Technology (TDT) relies on telemetry data to detect anomalies in CPU performance. Unlike other forms of protection, TDT can detect malware before the victim’s computer is infected, for the purposes of mining.

Screenshot of a CoinMiner block warning. Data: microsoft.com.

A machine-learning-based solution is showing effective results, even as malware attempts to bypass security tools.

Microsoft and Intel expect their collaboration will strengthen protection for corporate clients.

According to a recent Avira Protection Labs study, the number of hidden-miner attacks rose by 53% in Q4 2020 compared with Q3.

Earlier, the hosting service GitHub reported cryptocurrency mining on its cloud servers. The company is conducting an incident investigation.

Follow ForkLog on Twitter.