Mining msi afterburner7/19/2023 ![]() A file named “browser_assistent.exe” is placed in the “Program files” location and once it executes it injects, and loads, a shellcode of the encoded XMR Miner binary is pulled from the GitHub repository which is then further injected into explore.exe. The altered software injects code for XMR miner onto the infected machine during the installation process. ![]() ![]() TAs could also target other specialized software to spread malware.”Īs we can see from a quick search on Google, spoofed MSI Afterburner sites are dominating the search engine with the official site buried at the bottom of the list. TAs use phishing emails, online ads, and various other means to propagate links over the internet. “ This coin-miner malware campaign uses MSI Afterburner phishing sites targeting gamers and other individuals who require high-performance computing.
0 Comments
Leave a Reply. |