Jump to content
  • Money Message ransomware gang claims MSI breach, demands $4 million

    alf9872000

    • 427 views
    • 2 minutes
     Share


    • 427 views
    • 2 minutes

    Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network.

     

    MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with an annual revenue that surpasses $6.5 billion.

     

    The threat actor has listed MSI on its data leak website and posted screenshots of what they claim to be the hardware vendor's CTMS and ERP databases and files containing software source code, private keys, and BIOS firmware.

     

    Money Message now threatens to publish all these allegedly stolen documents in about five days unless MSI meets its ransom payment demands.

     

    msi.jpg

    MSI listed on 'Money Message' extortion site (BleepingComputer)

     

    BleepingComputer highlighted this novel ransomware group's activity in a report published over the weekend and described the gang's attack chain, hinting at the possibility of the threat actors having breached a well-known computer hardware vendor.

     

    According to chats seen by BleepingComputer at the time, the threat actors claimed to have stolen 1.5TB of data from MSI's systems, including source code and databases, and demanded a ransom payment of $4,000,000.

     

    chat.png

    Chat between the threat actor and the victim's representative (BleepingComputer)

     

    "Say your manager, that we have MSI source code, including framework to develop bios, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this bios," a Money Message operator said in a chat with an MSI agent.

     

    Since discovering this, BleepingComputer has reached out to MSI multiple times, but we are still waiting for a reply.

     

    As such, we haven't been able to verify whether Money Message's data breach claims are valid and whether the data they threaten to leak belongs to MSI.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...