Intel, Microsoft Team Up to Combat Cryptojacking

Intel and Microsoft are collaborating on a new project to help enterprise and small business customers avoid cryptojacking, a security issue in which others use PCs on your network to mine cryptocurrencies.

The protection will be built into Microsoft Defender for Endpoint on systems using 6th Gen or later Intel vPro and Intel Core processors. Specifically, it uses Intel Threat Detection Technology, or TDT, to take advantage of the CPU for machine learning to detect cryptomining.

Intel TDT malware diagram

(Image credit: Intel, Microsoft)

In a press release, Intel stated that the rise of cryptocurrencies in the mainstream and their increase in value means that "cybercriminals [will] shift their focus from ransomware to cryptojacking." Intel claims that there was a 53% increase in mining malware attacks in the fourth quarter of 2020 compared to the quarter before it.

Cryptojacking, just like normal cryptomining, weighs heavily on a computer's resources and sends the crypto back to a wallet. This could drastically slow a computer. Intel suggests some cryptojackers can also spread over a network, where large businesses could have hundreds or thousands of devices.

Intel's TDT technology will use its machine learning and telemetry to "fingerprint" the suspicious activities, some of which it can offload to the integrated GPU. The cryptojacking threats will appear in Windows Defender to people using their devices, just like any other threat.

In a separate release, Microsoft's Karthik Selvaraj, principal research manager on the Microsoft 365 Defender research team, wrote that "[e]ven though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware."

At the moment, this appears to only be available on 6th Gen or later Intel vPro (and some Core) platforms running Microsoft's enterprise security suite. It's unclear if there are plans to further expand the program to general users or other silicon.

Andrew E. Freedman

Andrew E. Freedman is a senior editor at Tom's Hardware focusing on laptops, desktops and gaming. He also keeps up with the latest news. A lover of all things gaming and tech, his previous work has shown up in Tom's Guide, Laptop Mag, Kotaku, PCMag and Complex, among others. Follow him on Threads @FreedmanAE and Mastodon @FreedmanAE.mastodon.social.

  • ginthegit
    a match made in hell, they deserve each other...
  • Why_Me
    Crypto mining is the devil.
  • ginthegit
    Why_Me said:
    Crypto mining is the devil.

    This is so AMDIST.... Why should only Intel get this benefit? I know it is using a security feature, but to my ears it is saying that Intel is more protected than AMD and that Windows security is useless to this threat when using an AMD-based system.

    Bad Microsoft, Bad Intel.
  • Findecanor
    ginthegit said:
    Bad Microsoft, Bad Intel.
    My impression is that it was Intel who had initiated the work and then asked Microsoft to go along with implementing it in Windows Defender.

    If AMD would develop something similar and present it to Microsoft, I am certain that Microsoft would want to incorporate that into Defender as well.
  • rtoaht
    Findecanor said:
    My impression is that it was Intel who had initiated the work and then asked Microsoft to go along with implementing it in Windows Defender.

    If AMD would develop something similar and present it to Microsoft, I am certain that Microsoft would want to incorporate that into Defender as well.

    Why so salty? It sounds like a great feature to have.
  • rtoaht
    ginthegit said:
    Why should only Intel get this benefit?

    Umm. I believe the millions of customers who would buy their product will also get the benefit. If you are not planning to be an Intel customer but want the feature, ask your favorite CPU vendor to implement it in their hardware.
  • ginthegit
    Findecanor said:
    My impression is that it was Intel who had initiated the work and then asked Microsoft to go along with implementing it in Windows Defender.

    If AMD would develop something similar and present it to Microsoft, I am certain that Microsoft would want to incorporate that into Defender as well.

    AMD has got something similar, but as with SSEA 3DNow! and other AMD tech, Microsoft just beds up with its best malpractice partner, two of the most litigated companies in the world, in a marriage of corruption.
  • ginthegit
    rtoaht said:
    Umm. I believe the millions of customers who would buy their product will also get the benefit. If you are not planning to be an Intel customer but want the feature, ask your favorite CPU vendor to implement it in their hardware.
    Benefit? Like what? I am going to ask you a serious question. Do you think that Windows needs to be as big as it is to perform the function it performs? And what is this extra software doing?

    Compare it to Linux, that has smoother operation, better drivers when done open source, smaller file size, and fewer crashes.... All with the same functionality and 1/5 of the size.

    When two companies like this get together they often conspire.

    Safety was not a concern for Intel when it first found out about Spectre etc., they sat on it for ages. Intel also gave FBI a back door code to its processor using level 0 code, and Microsoft, let's just say they have deliberately buggy code. There is no way with all the coders and proof reading coders, that it could be any other way, but bugs keep coming out that are easy for crackers to exploit, and it's always the same type of vulnerabilities, the type that Intel and Microsoft were supposed to have fixed (but obviously haven't).

    To be honest, if there isn't a patch or update that the antivirus companies can't come out that can shut down suspicious heavy resource using tasks, then they are useless and not worth their money. This is more gimmicks and nonsense.