Windows Defender has become, in a very short time, one of the best antivirus that we can install on the computer. But cyber threats are constantly changing, and what today may be a new type of malware, generating more revenue for hackers, may change tomorrow. The rising price of cryptocurrencies, and the anonymity they offer, are making these types of coins very lucrative for hackers. And this has given rise to a new type of malware: cryptojacking .
What is cryptojacking
Cryptojacking is malicious software whose main purpose is to use our computer to mine cryptocurrencies . This malware does not usually do anything else (or steal data, or encrypt information, etc.), it simply uses our resources to perform calculations and generate these coins. Apparently it may seem harmless, but cryptocurrency mining damages the hardware parts of our computer in the short term, without taking into account the energy consumption that, of course, is our responsibility.
Antiviruses usually have a difficult time detecting these threats based on their behavior. Apparently they do not look like malicious programs, and there is no difference between a cryptojacking type of malware or a program that we can run to mine.
Fortunately, Windows Defender is going to be much more effective at detecting these threats. And all thanks to Intel.
Windows Defender + Intel will better detect mining software
Intel DTT is part of the features offered in these processors as part of the Hardware Shield. Thanks to Threat Detection Technology , these processors are capable of performing much more advanced memory scans, making it possible to detect and block the most complex threats, such as ransomware or cryptocurrency mining programs.
The best thing about these features is that, being embedded in the processors itself and not relying on software technologies, they have absolutely no impact on performance. The same thing happens with hardware encryption modules, also included in these processors as part of their Hardware Shield .
The use of DTT by Windows Defender takes Microsoft‘s antivirus to a new level. Once this system is implemented, this antivirus will be able to block all kinds of malicious processes without complications . The antivirus will have full control over malicious processes, regardless of the evasion techniques used, and will be able to circumvent techniques, such as code obfuscation, to find the threat.
At the moment we don’t know when this feature will come to Windows 10 antivirus. The good news is that at least a large number of users will be able to benefit from this feature. Intel DTT is available for vPro processors (for servers) and for Intel Core (general purpose processors) from the 6th generation onwards.
Microsoft has a special interest in the use of this technology from Intel, and ensures that in the not too distant future it could be used to detect ransomware and side-channel attacks as well.
Initially, this technology will only be available in Microsoft Defender for Endpoint , but it could reach our home computers in the future, if Microsoft is interested.