MSI, one of the world’s best-known computer manufacturers, suffered a dangerous malware attack a few days ago. In addition, the company has acknowledged that they have suffered a strong ransomware attack.
The MSI company has published on its website and the Taiwan stock exchange that a group of hackers has attacked them. The attack has been through ransomware.
MSI has suffered a dangerous malware attack
For people who do not know what ransomware is, it is a dangerous type of malware that prevents users from accessing their systems or personal files. The goal of hackers when they install ransomware is to charge users money to regain access to their system.
Currently, MSI is experiencing a ransomware attack; however, MSI, after it disclosed the situation it is facing, has held Money Message responsible for the attack.
Money Message has infected MSI’s system, and MSI is being demanded to pay a ransom of $4 million to stop leaking the company’s financial data. The information disclosed by MSI has not specified details, such as whether they are still suffering from the hackers’ attack; MSI has downplayed the situation in the press release the company has made.
MSI stated in the press release that the systems affected by the hackers are gradually returning to normal operation and that the attack has had little or no impact on the financial industry.
Unfortunately, Money Message, the organization to which the attack is attributed, keeps details of MSI’s hardware information confidential. However, the hijacked information includes data such as the source code of the motherboard’s BIO. So if the criminals decide to leak this information, it could cause serious problems for MSI.
Money Message has set a timer of 100 hours, the deadline MSI has to comply with their requests. If not done within that time, the hackers threaten to release 27GB of MSI information to the public.
💰ThreatLabz has discovered a new #ransomware group named Money Message performing double extortion attacks.
Sample hash: bbdac308d2b15a4724de7919bf8e9ffa713dea60ae3a482417c44c60012a654b
Data leak site: blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7aqd[.]onion pic.twitter.com/P7xYnHy6wL
— Zscaler ThreatLabz (@Threatlabz) March 29, 2023
What is Money Message?
As previously mentioned, a ransomware attack prevents users from accessing their systems; with this attack, the hackers demand a ransom from the users. It is important to remember that this type of attack is nothing new, as some criminals have been using them since 1980.
However, ransomware has evolved and become increasingly dangerous; according to F-Secure’s research director, it is now known as “ransomware 2.0” because it encrypts data and demands money for not disclosing information.
Money Message is a very new hacker group; a few days ago, the Bleeping Computer forums reported the group’s first significant attack. Specifically, the attack occurred on March 28. However, according to Zscaler’s Threat Labs, Money Message was discovered only a day later.
To date, Money Message lists seven successful ransomware attacks on its website; these include attacks on large enterprises, other small corporations, and an airline.
It is currently uncertain whether Money Message will proceed with the attack on MSI or whether the company will agree to pay the ransom demand. However, regardless of what happens, MSI has made it clear that from now on, they will only use official download links from their website.