Taiwanese PC Parts Maker MSI Targeted by Ransomware Gang

“Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with an annual revenue that surpasses $6.5 billion.

The threat actor has listed MSI on its data leak website and posted screenshots of what they claim to be the hardware vendor's CTMS and ERP databases and files containing software source code, private keys, and BIOS firmware. Money Message now threatens to publish all these allegedly stolen documents in about five days unless MSI meets its ransom payment demands.

BleepingComputer Highlights Ransomware Activity

BleepingComputer highlighted this novel ransomware group's activity in a report published over the weekend and described the gang's attack chain, hinting at the possibility of the threat actors having breached a well-known computer hardware vendor. According to chats seen by BleepingComputer at the time, the threat actors claimed to have stolen 1.5TB of data from MSI's systems, including source code and databases, and demanded a ransom payment of $4,000,000.