MSI laptop users are at risk of being hacked due to a recent data breach by the hacker group Money Message. The hackers gained access to confidential data from MSI’s servers, including authentication keys for MSI laptop software. The stolen data included BIOS keys for 57 of the company’s laptop models, which MSI uses to certify updates to its software. A computer treats a software update that is not signed with these keys as unreliable and potentially malicious.
Cybersecurity firm Binarly analyzed the leaked data and confirmed the presence of the BIOS keys for the affected laptop models. The leak of these keys can enable attackers to create malicious firmware updates that can be delivered to a victim’s system through normal BIOS update processes using MSI update tools. Malware can also end up on the user’s computer through fake websites or emails purporting to be from MSI.
Another problem arising from the data breach is the leak of keys for Intel Boot Guard, which provides hardware-based BIOS boot integrity protection: it monitors for unauthorized boot blocks and prohibits their execution. The leaked MSI data contains Intel Boot Guard keys for 117 of the company’s products, which affects the entire ecosystem, not just MSI products, and renders this security feature useless.
MSI has advised its users not to download its software from unofficial sources, but experts suggest that the company has a limited choice of possible solutions to this problem. Replacing the keys with new, secure ones requires using the old keys that were stolen, which makes it difficult to simply revoke the compromised keys.
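The rotation problem described above can be shown with a small model. This is an added example, not code from MSI, Intel or Binarly: the `Device` updater, the update layout and the toy RSA keys are constructed assumptions and do not reflect real firmware formats.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    # Toy textbook RSA from two constructed Mersenne primes; far too small for real use.
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(_digest(data, key["n"]), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == _digest(data, n)

def fingerprint(n):
    return hashlib.sha256(str(n).encode()).hexdigest()[:16]

class Device:
    # Hypothetical updater: trusts one public key, replaces it only via an update signed by it.
    def __init__(self, trusted_n, denylist=()):
        self.trusted_n, self.denylist = trusted_n, set(denylist)

    def apply_update(self, payload, sig, new_n=None):
        if fingerprint(self.trusted_n) in self.denylist:
            return "rejected: signing key revoked"
        blob = payload + (str(new_n).encode() if new_n else b"")
        if not verify(self.trusted_n, blob, sig):
            return "rejected: bad signature"
        if new_n:
            self.trusted_n = new_n
        return "accepted"

def demo():
    old = make_key(2**127 - 1, 2**89 - 1)    # vendor key, later leaked
    new = make_key(2**107 - 1, 2**61 - 1)    # vendor's replacement key
    other = make_key(2**61 - 1, 2**31 - 1)   # key chosen by whoever holds the leaked copy
    leaked = dict(old)                       # a leak is an exact copy of the private key
    def rotation(signer, target):
        payload = b"rotate-key"              # constructed sample payload
        return payload, sign(signer, payload + str(target["n"]).encode()), target["n"]
    vendor = Device(old["n"]).apply_update(*rotation(old, new))
    rogue = Device(old["n"]).apply_update(*rotation(leaked, other))
    revoked = Device(old["n"], {fingerprint(old["n"])}).apply_update(*rotation(old, new))
    unsigned = Device(old["n"]).apply_update(b"rotate-key", 12345, new["n"])
    return vendor, rogue, revoked, unsigned
```

`demo()` shows that the device accepts a rotation from any holder of the old key, while a device that revokes the old key also rejects the vendor's own rotation.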
The leak of confidential data and authentication keys is a concerning issue, as it poses a significant threat to the cybersecurity of MSI laptop users. The potential for attackers to infect laptops under the guise of official BIOS while remaining unnoticed highlights the importance of cybersecurity measures and the need for users to be vigilant and cautious when downloading software.
Antivirus systems are not always able to detect viruses, and users should exercise caution when downloading updates or software from unverified sources. It is essential for companies to implement robust cybersecurity protocols to safeguard confidential data and protect their users from potential cyber threats.