Microsoft has announced plans to use a little-known Intel CPU feature to detect cryptominer malware, TheRecord reports. Known as Intel Threat Detection Technology (TDT), this security feature gives security software access to more in-depth telemetry and heuristics to identify malware that evaded anti-virus detections. According to Intel, there are nearly a billion Intel TDT-capable PCs in the market, which means TDT usage by security software may see a surge as more companies adopt it. The new crypto-mining detection capabilities will only be available on devices running the paid product Microsoft Defender for Endpoint, and will not be included in Microsoft’s free Defender Antivirus solution.
While the detection capabilities will not be available for free, users can help secure their machines from unwanted cryptomining operations by keeping an eye on processes (especially non-Microsoft processes) which eat up a large percentage of the device’s CPU. Additionally, Binary Defense recommends deploying a 24/7 SOC monitoring solution, such as Binary Defense’s own Security Operations Task Force, to watch for suspicious processes and behaviors that could indicate an attack.