HQ/EMEAFind out how we can help your business
The appearance of the new ransomware gang, Money Message, has made headlines recently, with findings about the group demanding millions of dollars from their victims. Following this issue is our iZOOlogic threat researchers discovering that the group had claimed an attack on Micro-Star International (MSI) posted on its leak site last April 4, 2023.
MSI is a leading Taiwan-based computer parts manufacturer with branches across America, Europe, Asia, South Africa, and Australia. Some of the best-known products MSI offers are computer motherboards, graphic cards, laptops, desktops, and many other computer accessories. As of this year, the company is believed to have a revenue of about $8 billion.
Like other ransomware gangs’ leak sites we have previously observed, a timer is displayed on Money Message’s page, which indicates how long before the group will publish the alleged stolen data from MSI. This timer leads to a deadline on April 10.
The Money Message gang allegedly nicked about 26.7GB of BAK files from MSI.
A screenshot posted by the Money Message gang on their page showed that about 26.7GB of backup (BAK) files had been stolen from the Taiwanese tech firm. This loaded database from the company would allegedly be released online once the timer finishes, similar to all other ransomware groups’ threats against their victims.
Since MSI has not released a comment about the ransomware group’s cyberattack claims, it cannot be confirmed yet. Nonetheless, with the huge customer base of the tech company worldwide, a threat of data leak would greatly affect them upon its occurrence.
In separate reports, cybersecurity experts learned that the Money Message gang encrypts the victims’ file folders on a compromised computer and leaves a ransom note (money_message[.]log). This ransom note will direct the victim to a TOR site where negotiations are supposed to happen.
Since more and more ransomware groups emerge in the wild up to this day, security researchers highly encourage companies and individuals to be more protective of their digital assets and infrastructures.
