"MSI Hit in Cyberattack, Warns Against Installing Knock-off Firmware"

After MSI disclosed a recent cyberattack, owners of MSI motherboards, GPUs, notebooks, PCs, and other devices should exercise caution when updating the firmware or BIOS of their devices. MSI urged users to obtain firmware/BIOS updates exclusively from its official website and to refrain from using files from other sources. Although this may seem obvious, it's not uncommon to discover custom BIOS firmware for PC hardware, especially for GPUs, on enthusiast forums. However, MSI's warning may have been prompted by the types of data stolen during the attack. A group of malicious actors known as Money Message posted screenshots of MSI's CTMS and ERP databases, as well as source code, private keys, and BIOS firmware, on their dark website. This information should not fall into the wrong hands, as it could be used to create malicious firmware clones that people could be tricked into installing. This article continues to discuss the cyberattack faced by MSI and the potential impact of this attack. 

The Register reports "MSI Hit in Cyberattack, Warns Against Installing Knock-off Firmware"