Support for Ukraine



Blog Archive



Hackers Used Fake GPU Overclocking Software to Push Malware

Full Story Blog Post Thursday, May 13, 2021 in Security   View 1 Comment 1 Comment
Security
Graphics card maker MSI says someone is impersonating its website and Afterburner software to hack gamers.
NAME
Computer hardware maker MSI is warning gamers not to visit a website that's impersonating the brand and its graphics card overclocking software, Afterburner, to push malware.

On Thursday, MSI published a press release warning of "a malicious software being disguised as the official MSI Afterburner."

"The malicious software is being unlawfully hosted on a suspicious website impersonating as MSI`s official website with the domain name https://afterburner-msi[.]space," the company wrote. "MSI has no relation with this website or the aforementioned domain."

"This webpage is hosting software which may contain virus, trojan, keylogger, or other type of malicious program that have been disguised to look like MSI Afterburner," the company added. "DO NOT DOWNLOAD ANY SOFTWARE FROM THIS WEBSITE."
"DO NOT DOWNLOAD ANY SOFTWARE FROM THIS WEBSITE."
MSI did not immediately respond to a request for comment.

In the release, MSI said it has taken "necessary" action against the site, hinting that it has sent a cease and desist letter based on copyright infringement, or even contacted the website's domain registrar, "to remove the malicious imposter website."

The allegedly malicious website mimics MSI's official website and offers downloads for Afterburner, according to the company.

At this time, the official Afterburner Software download link "is currently closed due to routine maintenance," according to MSI. So it appears hackers are trying to take advantage of this by offering users an apparent alternative way to download the software. Afterburner is software that allows users to monitor and tweak their graphic card's performance. Critically, it allows them to "overclock" cards so they can get higher (but sometimes less stable) performance. We're in the middle of a global semiconductor shortage that's making it near impossible to buy new GPUs, so many gamers might be trying to get more performance out of the cards they already own by overclocking them.

According VirusTotal, the world's largest repository of malware, no antivirus software or engine flags the impersonator website as malicious. At the time of writing, the https://afterburner-msi[.]space website appears to be down. Before it went down, Chrome displayed a warning when trying to visit it.

vice.com



Elector
Saturday, May 29, 2021 at 4:49 PM
Be careful what you download.

Another precaution you can take is to confirm the program's digital signature to see if it has been altered and also only download from official or reputable trusted sources.

1