MSI confirms breach after Money Message ransomware gang hackers claim responsibility

Micro-Star International Co. Ltd. (MSI), the Taiwanese manufacturer of hardware for personal computers, confirmed earlier today that it suffered a breach of its systems after a new ransomware gang called "Money Message" claimed responsibility and revealed it stole source code from the company's corporate network.

According to chats seen by BleepingComputer between the ransomware gang and an MSI representative, the threat actors demanded a ransom payment of $4,000,000 based on a claim that they've stolen roughly 1.5TB worth of documents from MSI's network.

Money Message now threatens to release the allegedly stolen files sometime next week if MSI fails to meet its ransom demands. The threat actors have listed MSI on their data leak site, so far only sharing screenshots of what they describe as the PC maker's Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.

This is the same group that Zscaler, a cloud security company headquartered in San Jose, California, recently called attention to on Twitter. According to Zscaler and BleepingComputer, Money Message is performing double-extortion attacks, which is when a threat actor both exfiltrates a target's sensitive data and encrypts it.

To pull this off, attackers can leverage a variety of ways to gain access to a company's network. Phishing for login credentials is perhaps the easiest, but depending on the skill level of the attacker, they can also exploit vulnerabilities and brute-force an RDP server, among other tactics.

Read more -here-

• Uber ties up with Avride for food deliveries, robotaxi rides
• Spotify now automatically creates an offline playlist when you lose internet
• DrayTek fixed critical flaws in over 700,000 exposed routers
• Verizon confirms service is back online after a major outage
• Epic Games to sue Google, Samsung over alleged app-store scheme
• DirecTV and Dish close to major merger