1.5 TB confidential files such as Intel Boot Guard private key leaked by hacking to MSI
In April 2023, PC maker MSI
Hackers Leak Private Keys for MSI Products, Making It Easier to Attack Them | PCMag
https://www.pcmag.com/news/hackers-leak-private-keys-for-msi-products-making-it-easier-to-attack-them
MSI Breach Leaks Intel BootGuard & OEM Image Signing Keys, Compromises Security of Over 200 Devices & Major Vendors
Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security
In April 2023, MSI was attacked by Money Message. Although MSI immediately announced the attack, it did not mention what the attack was.
After this, Money Message demanded a ransom of $ 4 million (about 540 million yen) from MSI, but MSI refused to pay. Money Message therefore posted the stolen files on a public server.
The exposed files were analyzed by cybersecurity firm Binary and contained signature keys for firmware images of 57 MSI products. Misuse of this key can result in a malicious firmware update disguised as an MSI. Binary CEO Alex Matrosov also points out that the key may be used as a second-stage payload after a phishing attack.
Binary publishes on GitHub which devices are affected.
SupplyChainAttacks/ImpactedDevices.md at main binary-io/SupplyChainAttacks GitHub
https://github.com/binarly-io/SupplyChainAttacks/blob/main/MSI/ImpactedDevices.md
In addition, we know that 116 MSI products' Intel Boot Guard keys were included. It has been pointed out that the leakage of Intel Boot Guard keys affects not only MSI but also Intel, Lenovo, Supermicro, etc.
⛓️Digging deeper into the aftermath of the @msiUSA data breach and its impact on the industry.
— BINARLY???? (@binarly_io) May 5, 2023
????Leaked Intel BootGuard keys from MSI are affecting many different device vendors, including @Intel , @Lenovo , @Supermicro_SMCI , and many others industry-wide.
???? #FwHunt is on! https://t.co/NuPIUJQUgr pic.twitter.com/ZB8XKj33Hv
Related Posts:
in Security, Posted by logc_nt