MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
Last month, MSI, a Taiwanese PC maker, was hit by a double extortion ransomware attack by a new ransomware gang known as Money Message. The threat actors behind the attack have now leaked the company's private code signing keys on their dark website. The leaked data includes firmware image signing keys associated with 57 PCs and private signing keys for Intel Boot Guard used on 116 MSI products. The Boot Guard keys from MSI are believed to impact several device vendors, including Intel, Lenovo, and Supermicro. Intel Boot Guard is a hardware-based security technology designed to protect computers against executing tampered UEFI firmware. The leak of the keys poses significant risks as threat actors could use them to sign malicious updates and other payloads and deploy them on targeted systems without raising any red flags. Malware: MoneyMessage, Wacatac [View Article](https://thehackernews.com/2023/05/msi-data-breach-private-code-signing.html)