Having the signing keys potentially allows an attacker to create fake firmware updates that would bypass Intel Boot Guard. The leaked data includes private keys, some of which appear to be Intel Boot Guard keys. Researchers are now starting to unravel the significance of the stolen data. When the $4 million ransom demand was not met, Money Message began leaking the MSI data on its data leak site.Īccording to BleepingComputer, a Money Message operator said in a chat with an MSI agent: “Say your manager, that we have MSI source code, including framework to develop bios, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this bios.” The Money Message gang claimed to have stolen 1.5TB of data during the attack, including firmware, source code, and databases. ![]() In April, criminals used Money Message to hit at least 10 victims, mostly in the US, and from various industries, including MSI. ![]() Money Message is a new ransomware which targets both Windows and Linux systems. While the statement does not reveal a lot of tangible information, this snippet is important: “MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.”Īs we mentioned in our May ransomware review, Taiwanese PC parts maker MSI fell victim to ransomware gang Money Message. On ApMSI (Micro-Star International) released a statement confirming a cyberattack on part of its information systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |