MSI warn users of cyberattack

Share post:

MSI has warned its customers to be careful when updating firmware or BIOS for their MSI-brand motherboards, GPUs, notebooks, PCs, and other devices. The warning comes after the company suffered a cyberattack, the extent of which is unknown.

In a statement, the company urged users to obtain firmware and BIOS updates only from its official website and to avoid using files from other sources.

The reason behind the warning is reportedly related to the types of data that were allegedly stolen during the attack. A group of hackers known as Money Message claimed to have screenshots of MSI’s CTMS and ERP databases, source code, private keys, and BIOS firmware. This information could be used to create malicious firmware clones that could trick users into installing them.

According to the hackers, they have all the tools necessary to develop potentially malicious BIOS and then digitally sign it so that it appears legitimate and can be installed on victims’ PCs once they’re lured into downloading it. MSI customers are advised to avoid installing any firmware that turns out to be malware and stick to official updates.

The group has threatened to release this data, allegedly totaling 1.5TB, unless MSI pays a $4 million ransom within the next few days. In its statement, MSI did not address the extent of the security breach or what was stolen, stating only that it “detected network anomalies,” and its IT department “activated relevant defense mechanisms and carried out recovery measures.”

MSI reported the intrusion to the police and cybersecurity agencies and downplayed any potential repercussions, stating that it had returned to normal operations and didn’t anticipate any “significant impact” to its financials. However, it’s not clear whether customer data was compromised in the network breach.

The sources for this piece include an article in TheRegister.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways