Digital Forensics Dispatch

Computer Hardware Manufacturer MSI Falls Victim to Ransomware

April 13, 2023

Bill Toulas of BleepingComputer recently reported that computer hardware manufacturer MSI has fallen victim to a ransomware attack. The Taiwanese computer part maker, Micro-Star International (MSI), was listed on the extortion portal of known ransomware gang “Money Message.”

MSI makes computer hardware such as monitors, graphics cards, motherboards, desktop and laptop computers, and even computer accessories like mice and keyboards. The hackers have claimed that they were able to extract databases and files containing software source code, private keys and even BIOS firmware.

Toulas writes “[according] to chats seen by BleepingComputer at the time, the threat actors claimed to have stolen 1.5TB of data from MSI’s systems.” One-and-a-half terabytes of data is not an insignificant amount of data, and the attackers have demanded $4 million as a ransom payment.

If the hackers did indeed get the BIOS firmware and the keys for the firmware, that could cause some problems for people with MSI computers. A computer’s firmware is what allows the computer hardware to communicate with other software on the device.

Another article by Sergiu Gatlan of BleepingComputer mentions that MSI is refusing to pay the ransom and that they did confirm the security breach. MSI has put out a statement that advises their customers to ensure that any BIOS updates come from the official website and source, not from a third party.

Email:    Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensic