Hackers Used Fake GPU Overclocking Software To Push Malware (vice.com) 11
Computer hardware maker MSI is warning gamers not to visit a website that's impersonating the brand and its graphics card overclocking software, Afterburner, to push malware. From a report: On Thursday, MSI published a press release warning of "a malicious software being disguised as the official MSI Afterburner." "The malicious software is being unlawfully hosted on a suspicious website impersonating as MSI's official website with the domain name https:// afterburner - msi [ . ] space," the company wrote. "MSI has no relation with this website or the aforementioned domain. [...] This webpage is hosting software which may contain virus, trojan, keylogger, or other type of malicious program that have been disguised to look like MSI Afterburner," the company added. "DO NOT DOWNLOAD ANY SOFTWARE FROM THIS WEBSITE."
I guess it paid to be boring (Score:2)
Re: (Score:2)
No slagging here. I'm the same way.
mouse cursors and desktop babes? (Score:2)
what happened to the good old days where malware was limited to free mouse cursors and those animated desktop widgets like pole dancing babes or cartoon characters? When was that late 90's? Seems like running unsigned unverified random shit on your computer is a bad idea and has been bad practice for decades.
Some sandboxed OS like Qubes might be the way to go for more and more people. If we ever get sick of viruses, trojans, ransomware, and malware. But I suspect
we haven't had our fill of abuse yet.
Re: (Score:2)
Hardware is now getting all the bloat that productivity software suffered 20 years ago. I've got official drivers for a Razer brand mouse. I say "driver" but mean Application Installer. It's online-only software that downloads 30MB a month and steals application focus (from what I'm doing) when it's 'finished'. Maybe, malware would be easier to detect if every device didn't phone-home every week/month.
Re: (Score:2)
but you can sync your mouse configuration IN THE CLOUD.
Re: (Score:2)
Seems like running unsigned unverified random shit on your computer is a bad idea
I don't know, once you spend five minutes in the real world you quickly find that most of the genuinely-useful freeware out there is going to be unsigned - because someone releasing a hobbyist tool isn't going to spend $100/year for a trusted cert just so UAC doesn't show the Unknown Publisher message.
Re: (Score:2)
what happened to the good old days where malware was limited to free mouse cursors and those animated desktop widgets like pole dancing babes or cartoon characters?
They were imaginary. There was destructive malware before GUIs were even widespread.
Afterburner (Score:1)
Wasn't MSI Afterburner/Rivatuner always made available to people on some weird looking third-party-download-depot-type website? At least it was years ago last time I messed with it. It was always hard to determine whether it was the "official" download or not. And the branding was/is inconsistent.
They probably contributed to the effectiveness of this attack with their history of crappy web design.
Too bad MSI... (Score:2)
It's too bad MSI didn't just register afterburner-msi on all 1,514 TLDs that presently exist. Even if they chose the 1,000 most obvious MSI brand/product name permutations, and then registered those for all 1,514 TLDs, they would still only need to manage about 1.5 million domain names, paying only between $10 million to $100 million per year for domain renewal fees.
What is much worse... (Score:2)
...is that this is now putting fear into millions of gamers with an MSI card reading this everywhere.
And every place including MSI are not offering any anti-virus or anything to detect if they installed the fame Afterburner.
So a lot of panic - zero solutions.