SECURITY
SECURITY
SECURITY
MSI confirms breach after Money Message ransomware gang hackers claim responsibility
Micro-Star International Co. Ltd., the Taiwanese manufacturer of hardware for personal computers, confirmed earlier today that it suffered a breach of its systems after a new ransomware gang called “Money Message” claimed responsibility and revealed it stole source code from the company’s corporate network.
MSI revealed that it had suffered a “cyberattack” in a press release, which did not go much into detail about the nature of the attack or reveal the name of the suspected threat actor.
“Upon detecting network anomalies, the information department promptly activated relevant defense mechanisms and carried out recovery measures and reported the incident to government law enforcement agencies and cybersecurity units,” the company said.
MSI is a well-known maker of computer hardware and related products, including laptops, desktops, motherboards, graphics cards, industrial computers and peripherals.
The Money Message ransomware gang listed MSI on a dark web extortion portal on Thursday and claimed to have stolen source code from the PC maker, reported Bleeping Computer. The gang also displayed screenshots of files reportedly containing software source code, private keys and BIOS firmware.
From chats seen by Bleeping Computer, the ransomware group claims to have stolen approximately 1.5 terabytes of data from MSI and demanded a ransom of $4 million. The group has given the hardware maker about five days to pay up or it will publish what it has.
According to the threat intelligence researchers at Cyble Inc., Money Message was first observed last month and has already affected several publicly disclosed victims. It uses a double extortion technique where the gang first steals data from the victim and then encrypts it on the network. That way if the ransom goes unpaid, it can still leak the data instead of simply leaving it leaving victims without access to their information.
Although the attack would have encrypted the segments of source code and other data that it affected, MSI downplayed the attack in its release.
“Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business,” the company added.
Image: Pixabay
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
