IT Hardware Giant MSI Hit With $4M USD Ransomware

IT hardware giant MSI has been hit with the Money Message ransomware, and the malware authors are demanding a ransom of $4 million USD. While Tainwanese PC vendor MSI is best known for their graphics cards and gaming laptops, the global hardware giant also produces desktops, motherboards, industrial systems and PC peripherals. If MSI refuses to pay up, the malware authors threaten to leak roughly 1.5TB worth of confidential MSI documents to the public over the coming week.

The breach was first reported to Taiwan's Stock Exchange (TWSE) on Good Friday. "After detecting some information systems being attacked by hackers, MSI's IT department has initiated information security defense mechanism and recovery procedures. The company also reported the anomaly to the relevant government authorities," MSI stated. "The company is also enhancing the information security control measures of its network and infrastructure to ensure data security."

MSI did not share any specific details surrounding the timing of the attack, the levels of encryption utilised by the affected systems, nor whether or not the attackers had exfiltrated customer data during the attack. However, MSI also published a statement on Friday warning customers to ensure that they get their BIOS and firmware updates from official sources.

Meanwhile, the malware authors have listed MSI on their data leak site, where they have shared screenshots of what they describe as the PC maker's ERP (Enterprise Resource Planning) databases, containing software source code, private keys, and BIOS firmware. "Say your manager, that we have MSI source code, including framework to develop bios, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this bios," a Money Message operator said in a chat with an MSI representative.