Taiwanese PC parts manufacturer MSI has been hit by a ransomware attack, with the Money Message ransomware gang claiming responsibility for the MSI breach. The group alleges that it has stolen source code from the company’s network, including private keys, software source code, BIOS firmware, CTMS, and ERP databases. MSI is a global hardware giant, with an annual revenue exceeding $6.5 billion, making this a significant breach.
Money Message has listed MSI on its data leak website and has posted screenshots of the stolen data, which reportedly include software source code, private keys, and BIOS firmware, among others. The group is now demanding a ransom payment of $4 million from MSI, threatening to publish all the allegedly stolen documents in about five days if their demands are not met.
Money Message claims they have stolen 1.5TB of data with MSI breach
The recent report by BleepingComputer highlighted the activity of this new ransomware group, revealing that the threat actors have claimed to have stolen 1.5TB of data from MSI’s systems, including source code and databases. They also suggest that the group may have breached a well-known computer hardware vendor, which in this case, is MSI.
According to BleepingComputer, Money Message has warned MSI that they possess the hardware vendor’s source code, including the framework to develop BIOS. They also claimed to have private keys that are capable of signing in any custom module of those BIOS and installing it on a PC with this BIOS.
This MSI breach highlights the growing threat of ransomware attacks, emphasizing the need for organizations to adopt effective cybersecurity measures. The severity of the incident makes it clear that the consequences of failing to prioritize cybersecurity can be devastating. MSI has yet to issue a statement regarding the breach, and it remains to be seen how they will respond to the demands of the ransomware group.