Fake MSI Afterburner Infects Targets With Coin Miner, Password Stealer

If your system has been running sluggishly, you should check if you have the legit version of MSI Afterburner. Cyble Intelligence and Research Lab (opens in new tab) (CRIL) has recently uncovered a phishing campaign to infect gamers with cryptocurrency miners and information stealers through fake MSI Afterburner software. The firm has identified around 50 phony websites over the past three months.

MSI Afterburner is one of the more popular graphics card software for monitoring, tweaking, and overclocking the best graphics cards on the market. Therefore, it doesn’t come as a shock that threat actors are impersonating MSI’s software. It’s not the first time that perpetrators are targeting MSI Afterburner, either. MSI detected a similar incident last year. However, it would seem that the threat actors back at it again now that Nvidia is rolling out its GeForce RTX 40-series graphics cards and AMD is on the brink of unleashing the Radeon RX 7900-series products. The criminals couldn’t find a better time to set up shop.