This fake MSI Afterburner goes after gamers' passwords

PC power users who like to tweak their GPU performance are being targeted by malware, researchers say.

Several websites have been detected advertising a rogue version of MSI Afterburner, which instead installs cryptocurrency miners and information stealers on affected endpoints.

MSI Afterburner is a program that lets users modify the behavior of their graphics cards: overclocking, tracking card temperature, and many other tasks. Even though it was built by PC maker MSI, it works with almost all graphics cards, which quickly propelled it to stardom in the PC and gaming user communities. Now it seems to have become a target for criminals.

Crypto mining with GPU

Cybersecurity researchers at Cyble say they have discovered more than 50 websites posing as the official site of MSI Afterburner in the past three months alone.

The sites often deliver a cryptocurrency miner for Monero and an information-stealing Trojan called RedLine Stealer. Most of the discovered domains contain typos (typosquatting), the company added, but there were also some that had nothing to do with MSI at all.

High-end graphics cards are an important tool for cryptocurrency miners, as they allow them to generate valuable tokens more efficiently. That's why, over the past two years, prices for flagship GPU models have been steadily rising, while the supply of cards has practically dried up. This is also why it makes sense to target MSI Afterburner with a cryptocurrency miner.

However, since Ethereum (the world's second-largest blockchain network by market capitalization, second only to Bitcoin) moved from proof-of-work (mining) to proof-of-stake (staking), the popularity of mining has decreased. Rising electricity costs and the current bear market for cryptocurrencies (bitcoin fell from €69 last November to around €000 in November) have played their part.

However, for cybercriminals who hijack other people's machines to mine, token price fluctuations mean very little.

Via: BleepingComputer