MSI, a Taiwanese hardware giant, is being blackmailed by a newly formed ransomware gang who claim to have stolen their source code. The gang, calling themselves “Money Message”, are demanding a payment of $4 million within five days, or they will publish 1.5 terabytes of stolen data. The images suggest that the threat actors cracked the company’s clinical trial management (CTMS) and enterprise resource planning (ERP) databases containing private keys and various source code, including the framework for MSI’s BIOS firmware.
Zscaler and BleepingComputer have both drawn attention to this new gang, who perform double-extortion attacks, threatening to both exfiltrate and encrypt sensitive data from a target. BleepingComputer has attempted to contact MSI to verify the ransom report, but has not received a response so far.
