Taiwanese PC Company MSI Falls Victim to Ransomware Attack
9.4.23 Ransomware The Hacker News
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems.
The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agencies of the matter.
That said, MSI did not disclose any specifics about when the attack took place and if it entailed the exfiltration of any proprietary information, including source code.
"Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business," the company said in a brief notice shared on Friday.
In a regulatory filing with the Taiwan Stock Exchange, it said that it's setting up enhanced controls of its network and infrastructure to ensure the security of data.
MSI is further urging users to obtain firmware/BIOS updates only from its official website, and refrain from downloading files from other sources.
The disclosure comes as a new ransomware gang known as Money Message added the company to its list of victims. The threat actor was spotlighted by Zscaler late last month.
"The group utilizes a double extortion technique to target its victims, which involves exfiltrating the victim's data before encrypting it," Cyble noted in an analysis published this week. "The group uploads the data on their leak site if the ransom is unpaid."
The development comes a month after Acer confirmed a breach of its own that resulted in the theft of 160 GB of confidential data. It was advertised on March 6, 2023, for sale on the now-defunct BreachForums.