“Money Message,” a recently established ransomware group, is demanding a significant amount of money from MSI by threatening to expose a massive collection of sensitive data, including vital source code.
The group has provided a five-day ultimatum for MSI to pay a substantial ransom of $4 million.
In case of non-payment, the group has declared its intention to publish 1.5 terabytes (TB) of the stolen data.
The perpetrator has added MSI’s name to its data leak website and shared snapshots that allegedly show the vendor’s CTMS and ERP databases.
The screenshots also display files that include software source code, private keys, and BIOS firmware, as per their claim.
Based on the screenshots of the allegedly stolen data and conversations between the ransomware group and MSI, it appears that the threat actors hacked into the company’s CTMS and ERP databases.
These databases included private keys and different types of source code, such as the framework for MSI’s BIOS firmware.
BleepingComputer published a report over the weekend which focused on the activities of a fresh ransomware gang.
The report explained the gang’s attack methods and suggested that they may have infiltrated a well-known computer hardware manufacturer.
According to BleepingComputer, “the threat actors claimed to have stolen 1.5TB of data from MSI’s systems, including source code and databases, and demanded a ransom payment of $4,000,000.”
If the reported attack on MSI’s network is indeed genuine, the exact means utilized by the Money Message group to infiltrate the company’s systems are unclear.
MSI has not yet made any official statement regarding the situation.
It is also uncertain if MSI plans to acquiesce to the ransom demand in the event that the threat is authentic.