Heimdal
article featured image

Contents:

A recent data breach affecting Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as ‘Money Message’. The threat actors claim to have stolen source code from the company’s network.

MSI is one of the most well-known names in the global hardware market, producing desktops, laptops, motherboards, graphic cards, and other hardware intended for gaming. The annual revenue of the company surpasses $7 billion dollars.

In addition to posting pictures of what they claim to be the hardware vendor’s CTMS and ERP databases, files containing software source code, secret keys, and BIOS firmware, the threat actor has placed MSI on its data leak website.

Details About The Gang and The Breach

According to BleepingComputer, the threat actors claimed to have stolen 1.5TB of data from the Taiwanese company’s systems, including databases and source codes, and are now demanding a ransom payment of $4,000,000.

Money Message gave MSI an ultimatum. They have 5 days to pay the ransom or all the stolen data will be released.

Money Message Lists MSI on its Extortion Site (Source)

While chatting with an MSI agent, a Money Message operator said the following:

Say your manager, that we have MSI source code, including framework to develop bios, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this bios.

Money Message Operator to MSI Agent (Source)

BleepingComputer tried reaching out to MSI on multiple occasions to gather more information about the breach, but the Taiwanese company is yet to respond. It is still uncertain whether Money Message’s data breach claims are valid and whether the data they threaten to leak belongs to MSI.

To find more information about this emerging ransomware gang, you can check out this article.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Cristian Neagu

CONTENT EDITOR

linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE