Connect with us

Hi, what are you looking for?


Malware & Threats

MSI Confirms Cyberattack, Issues Firmware Download Guidance

Tech giant MSI confirms a cyberattack that resulted in system disruptions and possible exposure to firmware image manipulations.

Malware Code Reuse

Technology giant Micro-Star International (MSI) has confirmed it fell victim to a cyberattack that resulted in system disruptions and possible exposure to firmware image manipulations.

In a notice posted online, MSI described the incident as “network anomalies” and said it immediately activated relevant defense mechanisms after identifying the intrusion.

“MSI recently suffered a cyberattack on part of its information systems. Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business,” the company added.

The computer maker shared no details on the type of cyberattack that it suffered and made no mention of any type of data being stolen during the intrusion.

However, MSI’s notification came only days after a ransomware group known as ‘Money Message’ boasted on its leak site about hacking into the company’s infrastructure.

The group claims to have gained access to internal MSI databases, private keys, source code, and BIOS firmware. Money Message also claims to have all the tools it needs to create malicious BIOS images and sign them.

Advertisement. Scroll to continue reading.

While not directly mentioning any source code theft, MSI’s notification appears to confirm that the hackers might have had access to firmware images.

“MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website,” the notification reads.

Headquartered in New Taipei City, Taiwan, MSI is one of the world’s largest providers of computer hardware and products, including laptops, desktops, servers, motherboards, graphics cards, peripherals, and car infotainment products.

Related: Crown Resorts Investigating Ransomware Data Theft Claims

Related: Ransomware Will Target OT Systems in EU Transport Sector: ENISA

Related: Ransomware Gang Publishes Dat Stolen From Royal Dirkzwager

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.