Security experts from Cyble have announced that they have discovered several phishing campaigns prompting users to download a fake version of MSI Afterburner, bundled with a miner and an info stealer.

MSI Afterburner: fake version to generate cryptocurrencies

For those who don’t know or have never heard of it, MSI Afterburner is one of the most well-known and popular tools for monitoring PC parameters and overclocking the GPU, not only on MSI-branded cards but also on those from other manufacturers. Cyber criminals are therefore trying to exploit the popularity of this tool for their crimes.

Considering that MSI Afterburner is mostly used by people with high-end graphics cards, the cyber criminals saw an opportunity to exploit the power of those GPUs to generate cryptocurrencies.

The detailed mode of action is as follows: the “browser_assistant.exe” file, located in the “Program Files” directory, is installed together with the legitimate MSI Afterburner tool. The miner is then downloaded from GitHub and injected into the memory of the explorer.exe process. After collecting some data about the computer, including CPU and GPU type, the miner contacts the mining pool and starts generating Monero. Meanwhile, the RedLine info stealer steals various information from the system.
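The chain described above can be turned into a simple host-level correlation for defenders. The following is an added example, not code from the article or from Cyble: the event field names, file paths, pool hostname and the explorer.exe allowlist are all constructed assumptions, as is the idea that the GitHub fetch comes from the dropped binary.

```python
from collections import defaultdict
from ntpath import basename  # parses Windows paths on any OS

# Constructed, simplified Sysmon-style events, in time order (field names are assumptions).
EVENTS = [
    {"host": "ws-01", "type": "file_create",
     "image": r"C:\Users\a\Downloads\MSIAfterburnerSetup.msi",
     "target": r"C:\Program Files\MSI Afterburner\browser_assistant.exe"},
    {"host": "ws-01", "type": "net",
     "image": r"C:\Program Files\MSI Afterburner\browser_assistant.exe",
     "dest_host": "raw.githubusercontent.com"},
    {"host": "ws-01", "type": "net", "image": r"C:\Windows\explorer.exe",
     "dest_host": "pool.example.invalid"},  # placeholder mining pool
    {"host": "ws-02", "type": "net", "image": r"C:\Windows\explorer.exe",
     "dest_host": "settings-win.data.microsoft.com"},
]

GITHUB = ("github.com", "githubusercontent.com")
EXPLORER_OK = ("microsoft.com", "windows.com")  # assumed allowlist, tune per environment

def _under(host, suffixes):
    """True if host equals, or is a subdomain of, any listed domain."""
    return any(host == s or host.endswith("." + s) for s in suffixes)

def correlate(events, min_stages=2):
    """Return {host: [stages]} for hosts showing at least min_stages of the chain."""
    stages, dropped = defaultdict(set), defaultdict(set)
    for e in events:
        host, image = e["host"], e["image"].lower()
        if e["type"] == "file_create":
            target = e["target"].lower()
            # Stage 1: browser_assistant.exe written under Program Files
            if basename(target) == "browser_assistant.exe" and "\\program files" in target:
                stages[host].add("dropper_written")
                dropped[host].add(target)
        elif e["type"] == "net":
            # Stage 2: the dropped binary reaches GitHub (where the miner is hosted)
            if image in dropped[host] and _under(e["dest_host"], GITHUB):
                stages[host].add("github_fetch")
            # Stage 3: explorer.exe talks to a destination outside the allowlist
            if basename(image) == "explorer.exe" and not _under(e["dest_host"], EXPLORER_OK):
                stages[host].add("explorer_unusual_egress")
    return {h: sorted(s) for h, s in stages.items() if len(s) >= min_stages}

if __name__ == "__main__":
    print(correlate(EVENTS))
```

Requiring at least two stages keeps a single odd explorer.exe connection from alerting on its own.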

To avoid threats of this type, it is advisable to always be careful about what you download from the Internet and, above all, about its sources, and to have good antivirus software, such as Norton 360 Premium, which is currently offered at a heavy discount.

