Cash Message ransomware gang claims MSI breach, calls for $4 million

Ad - Web Hosting from SiteGround - Crafted for easy site management. Click to learn more.


Taiwanese PC components maker MSI (Micro-Star Worldwide) has been listed on the extortion portal of a brand new ransomware gang often known as “Cash Message,” which claims to have stolen supply code from the corporate’s community.

MSI is a worldwide {hardware} large that makes motherboards, graphics playing cards, desktops, laptops, servers, industrial methods, PC peripherals, and infotainment merchandise, with an annual income that surpasses $6.5 billion.

The menace actor has listed MSI on its knowledge leak web site and posted screenshots of what they declare to be the {hardware} vendor’s CTMS and ERP databases and information containing software program supply code, personal keys, and BIOS firmware.

Cash Message now threatens to publish all these allegedly stolen paperwork in about 5 days until MSI meets its ransom fee calls for.

MSI listed on 'Money Message' extortion site
MSI listed on ‘Cash Message’ extortion web site (BleepingComputer)

BleepingComputer highlighted this novel ransomware group‘s exercise in a report printed over the weekend and described the gang’s assault chain, hinting at the opportunity of the menace actors having breached a widely known pc {hardware} vendor.

In accordance with chats seen by BleepingComputer on the time, the menace actors claimed to have stolen 1.5TB of knowledge from MSI’s methods, together with supply code and databases, and demanded a ransom fee of $4,000,000.

Chat between the threat actor and the victim's representative
Chat between the menace actor and the sufferer’s consultant (BleepingComputer)

“Say your supervisor, that we have now MSI supply code, together with framework to develop bios, additionally we have now personal keys capable of check in any customized module of these BIOS and set up it on PC with this bios,” a Cash Message operator mentioned in a chat with an MSI agent.

Since discovering this, BleepingComputer has reached out to MSI a number of occasions, however we’re nonetheless ready for a reply.

As such, we’ve not been capable of confirm whether or not Cash Message’s knowledge breach claims are legitimate and whether or not the information they threaten to leak belongs to MSI.

Ad - WooCommerce hosting from SiteGround - The best home for your online store. Click to learn more.

#Cash #Message #ransomware #gang #claims #MSI #breach #calls for #million

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *