MSI hit with CyberAttack – Newly Emerged Threat Actor Responsible

MSI, the Taiwanese manufacturer of hardware for personal computers, confirmed that it suffered a breach of its systems after a new ransomware gang called Money Message claimed responsibility and revealed it stole source code from the company’s corporate network.

MSI is a well-known maker of computer hardware and related products, including laptops, desktops, motherboards, graphics cards, industrial computers and peripherals.

Asvper the statement, Upon detecting network anomalies, the information department promptly activated relevant defense mechanisms and carried out recovery measures and reported the incident to government law enforcement agencies and cybersecurity units.

The Money Message ransomware gang listed MSI on a dark web extortion portal and claimed to have stolen source code from the PC maker. The gang also displayed screenshots of files reportedly containing software source code, private keys and BIOS firmware.

The ransomware group claims to have stolen approximately 1.5 terabytes of data from MSI and demanded a ransom of $4 million. The group has given the hardware maker about five days to pay up or it will publishes.

Money Message was first observed last month and has already affected several publicly disclosed victims. It uses a double extortion technique where the gang first steals data from the victim and then encrypts it on the network. If the ransom goes unpaid, it can still leak the data instead of simply leaving it leaving victims without access to their information.

The nature of the attack is not revealed much and currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business.