In the past few days, the balance sheet of attacking MSI servers has started to emerge. Risks come to the fore that will endanger not only MSI customers but also other brands of which it is a supplier.MSI is out of luck
In the recent cyber attack, approximately 1.5TB of company data on MSI servers was stolen. In this data, it was reported that the source codes were also included in addition to the plans for company integration. The attackers had promised to return the files for a $4 million ransom, but things got more complicated when MSI refused to do so.
The files that attackers started to distribute on public servers contain signature keys for 200 different MSI products. These include software framework signing and Intel BootGuard keys. Its importance is that it can reliably introduce malicious software to the system.
Confirmation keys mostly affect systems with tenth generation and older Intel processors. Many companies such as Lenovo and Supermicro are among the affected names. MSI has asked not to download UEFI or BIOS updates from anywhere other than its own site. Because until now, it is estimated that the attackers may have prepared fake updates. It has not yet been announced how manufacturers will set an update schedule.
51764
