MSI Suffers Breach, Internal Source Code Leaked
MSI Suffers Breach, Internal Source Code Leaked
The company didn’t fully specify the extent of the breach, which includes source code for BIOS and firmware.
MSI has published a filing to Taiwan Stock Exchange (TWSE) confirming the company has suffered a data breach, which contains source code data allegedly stolen by a ransomware group. However, in the filing, the company states that its business and operation is not significantly affected.
Ransomware group Money Message has claimed responsibility, and they claimed the stolen data includes private keys and source code for BIOS firmware, totaling 1.5TB in size. They’re demanding $4 million in ransom according to internal conversations with representative from MSI, and it has to be paid within 5 days.
“[Tell] your manager, that we have MSI source code, including framework to develop BIOS, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this BIOS,” according to the operator from the hacking group, as noted by BleepingComputer.
MSI has since released a statement advising users of its products to avoid downloading BIOS or firmware updates from any third-party sources – which should indicate that there may be real possibility that bad actors are able to breach MSI’s products with the use of private keys (to sign BIOS files) obtained from the hack.
Source: PCMag | BleepingComputer
Pokdepinion: Be extra careful when obtaining BIOS files – this is where rootkit access can cause huge troubles to a user’s system.