MSI Confirms Cyberattack, Issues Firmware Download Guidance

Technology giant Micro-Star International (MSI) has confirmed it fell victim to a cyberattack that resulted in system disruptions and possible exposure to firmware image manipulations.

In a notice posted online, MSI described the incident as “network anomalies” and said it immediately activated relevant defense mechanisms after identifying the intrusion.

“MSI recently suffered a cyberattack on part of its information systems. Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business,” the company added.

The computer maker shared no details on the type of cyberattack that it suffered and made no mention of any type of data being stolen during the intrusion.

However, MSI’s notification came only days after a ransomware group known as ‘Money Message’ boasted on its leak site about hacking into the company’s infrastructure.

The group claims to have gained access to internal MSI databases, private keys, source code, and BIOS firmware. Money Message also claims to have all the tools it needs to create malicious BIOS images and sign them.

While not directly mentioning any source code theft, MSI’s notification appears to confirm that the hackers might have had access to firmware images.

“MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website,” the notification reads.

Headquartered in New Taipei City, Taiwan, MSI is one of the world’s largest providers of computer hardware and products, including laptops, desktops, servers, motherboards, graphics cards, peripherals, and car infotainment products.

Related: Crown Resorts Investigating Ransomware Data Theft Claims

Related: Ransomware Will Target OT Systems in EU Transport Sector: ENISA

Related: Ransomware Gang Publishes Dat Stolen From Royal Dirkzwager