MSI announces cyber attack damage, official warns about firmware and BIOS updates



Manufactures and sells motherboards, graphic cards, desktop PCs, notebook PCs, servers, industrial systems, PC peripherals, infotainment products, etc. Globally with annual sales exceeding $ 6.5 billion (about 860 billion yen) Hardware manufacturer

MSI has announced that it has been hit by a cyberattack.

MSI Confirms Cyberattack, Advises Caution With Firmware | Tom's Hardware
https://www.tomshardware.com/news/msi-cyberattack-firmware-updates



On April 7, 2023, MSI announced a statement on its official website, revealing that it had received a cyber attack. According to MSI, some of the company's information systems were hit by a cyberattack. Upon detecting the network anomaly, intelligence departments quickly activated relevant defense mechanisms, implemented remedial actions, and reported the incident to government law enforcement and cybersecurity departments. Systems affected by cyberattacks are gradually resuming normal operations, and MSI has announced that 'there is no significant impact on financial operations.'

https://www.msi.com/news/detail/MSI-Statement-141688



MSI also warns users to 'obtain firmware and BIOS updates from the official website and do not use updates from anything other than the official website.'

The statement released by MSI on its official website does not disclose the details of the cyber attack that the company received. Technology media Tom's Hardware has independently contacted MSI, but there seems to be no response at the time of writing the article.



The day before MSI announced that it was under a cyber attack, technology media Bleeping Computer said, ``A ransomware group called 'Money Message' stole source code from MSI's network and made $4 million (about 5 million dollars). We are demanding a ransom of 130 million yen).'

Money Message ransomware gang claims MSI breach, demands $4 million
https://www.bleepingcomputer.com/news/security/money-message-ransomware-gang-claims-msi-breach-demands-4-million/



According to Bleeping Computer, the ransomware group's 'Money Message' was stolen from MSI's network on a website for data leaks, a clinical trial management system (CTMS), ERP database, source code, private key, BIOS / firmware and other screenshots, threatening to release the above data if MSI does not pay the ransom.



Bleeping Computer has confirmed a chat where MSI and Money Message exchange about ransom, and in this chat Money Message claims to have stolen 1.5 TB of data from MSI's network. Also, Money Message said, ``I have the source code of MSI, including the framework for developing BIOS. There is,' he also commented.

Bleeping Computer has also contacted MSI, but we have not received a response at the time of writing the article, so we have not been able to confirm whether Money Message's claims are true.

in Software,   Security, Posted by logu_ii