It’s no surprise that hackers continue to take advantage of vulnerabilities and perpetrate new hacks, with MSI being the latest victim of such an attack. Last month, MSI’s systems were breached, and now hackers have leaked some of the 1.5TB of data stolen during the breach. The leaked data contains private keys, including Intel Boot Guard keys, which could have serious implications for not only MSI but also other vendors like Lenovo and Supermicro.
Intel Boot Guard keys are used to protect PCs from fake UEFI firmware or modified BIOS. If an attacker bypasses these security checks, they could gain full access to a system, which could lead to the theft of secure data or other malicious purposes. The use of UEFI keys is especially concerning because of the risk of secondary downloads. Malware developed after a firmware update using these keys would appear genuine, and antivirus software would ignore it, making it more difficult to detect and prevent.
After the breach, a group called Money Message claimed responsibility for the attack and demanded a $4,000,000 payment from MSI. It appears that MSI did not pay the ransom, leading to the release of the stolen data.
The fallout from this leak will take time to analyze, and mitigations will need to be developed. The affected vendors will likely issue statements in the coming days as they work to address the situation.
As these types of attacks become more frequent, it’s important for companies to take the necessary precautions to protect their systems and data. With the potential for serious consequences, it’s crucial to stay vigilant and stay ahead of potential threats.