MSI Confirms Cyberattack, Advises Caution With Firmware | Tom's Hardware
Home News
MSI Confirms Cyberattack, Advises Caution With Firmware
By Andrew E. Freedman published 2 days ago
Reports suggest ransomware may have been involved.
(opens in new tab)
Comments (6)
MSI Raider GE78 HX
(Image credit: Tom's Hardware)
Gaming hardware manufacturer MSI confirmed today that it was the victim of a cyberattack. In a brief statement on its website, the company said that the attack hit "part of its information systems," which have since returned to regular operations.
The company advises its customers only to get BIOS and firmware updates from the MSI website and no other sources. It's light on details, saying that after "detecting network anomalies," MSI implemented "defense mechanisms and carried out recovery measures," and then informed the the government and law enforcement.
"MSI is committed to protecting the data security and privacy of consumers, employees, and partners, and will continue to strengthen its cybersecurity architecture and management to maintain business continuity and network security in the future," the unsigned blog post reads.
The post doesn't mention if customer data was stolen or affected. Tom's Hardware reached out to MSI but did not hear back in time for publication. In addition, emails to official spokesperson addresses listed on the company's website bounced.
The first signs of the cyberattack surfaced yesterday in a report from BleepingComputer, which showed that a ransomware group called Money Message had claimed to have stolen source code, a "framework to develop bios [sic]" and private keys. In addition, the site saw chats that suggested the group claimed to have stolen 1.5TB of data and asked for a ransom payment of over four million dollars. It's unclear if these are related or if MSI paid a ransom.
This isn't the first hardware manufacturer to see this kind of attack in recent memory. Just last month, a hacker stole 160GB of data from Acer off of a document server meant for repair technicians. (Acer also had 60GB of data stolen in October 2021.)
In recent years, we've seen Quanta, Nvidia, and other major hardware manufacturers investigate potential cyberattacks. Clearly, the desire for bad actors to access data from major hardware vendors, which could then potentially spread into client computers, isn't going away anytime soon.