November 24th, 2022 at 2:21 p.m. by Norman Wittkopf – The MSI Afterburner is a popular program for tuning and monitoring graphics cards, which scammers are said to be increasingly taking advantage of.
According to a report by security researchers from Cyble Intelligence and Research Lab (CRIL), a phishing campaign aimed at hitting gamers with cryptocurrency miners and information theft through modified versions of MSI Afterburner was recently uncovered. According to its own statements, the CRIL was able to identify around 50 fake websites offering a defective version of the software in the last three months.
It attempts to spread the malware through phishing emails, online advertisements, forums, and other media. The phishing websites therefore look exactly like the official MSI download page, which is why the URL and domain name should be checked carefully when downloading. The CRIL also named some of the fake domains, like “msi-afterburner-download.site”, “msi-afterburner.download” or “mslafterburners.com”. Some of them are said to be offline by now.
MSI Afterburner: Fake wants mining and data theft
The malware infects the victim’s system with an XMR miner that secretly connects to a mining pool to mine the cryptocurrency Monero. Meanwhile, the program steals the hijacked user’s sensitive information such as computer name, username and other data at the same time.
What do we think about GPU prices? Price development of the generations
Accordingly, you should check whether an original version of the MSI Afterburner is being used or if possible only download it from the official MSI website instead of from third-party providers. MSI itself uncovered similar incidents in connection with the Afterburner last year. According to Tomshardware.com, the release of Nvidia’s Geforce RTX 40 series and AMD’s upcoming Radeon RX 7000 generation and the associated interest are likely to have caused the increased distribution of this type of malware.