More discreet and powerful, cryptojacking malware is increasingly used to infect our devices. Microsoft explains how its in-house antivirus still manages to detect them.
In an article published on the Microsoft Security blog, the Redmond firm recalls that while the cryptocurrency market is currently experiencing turmoil, hackers continue to improve their methods to try to recover crypto. The American group makes it known that it is fighting against increasingly advanced cryptojacking techniques.
As a reminder, cryptojacking is a method consisting in infecting a device (computer, smartphone, tablet) using malware, the purpose of which is to exploit the CPU and the GPU of the terminal to mine cryptocurrency in the background, undermining device performance and battery life, as well as durability. A previous report already told us that cryptojacking attacks had exploded in 2021.
Microsoft Defender effective against cryptojacking?
“Over the past few months, Microsoft Defender Antivirus has detected cryptojackers on hundreds of thousands of devices each month”, warns Microsoft. The publisher also indicates that cryptojacking software has become more stealthy and is increasingly difficult for system protection solutions to detect.
The firm takes the opportunity to detail how Microsoft Defender works to detect cryptjackers. Windows natively built-in antivirus scans CPU performance monitoring tool signals for traces of malicious code execution. Through this, it gets unique information about how such malware interacts with CPU.
“The combination of hardware-level monitoring, analysis of CPU usage patterns, and the use of threat-harvested data and software-level machine learning, enables the technology to effectively defend against the cryptojacking”, explains Microsoft. But better to use Defender or other reliable antivirus to protect against such kind of threats.