money message attacks Micro-Star International

Date:

April 6, 2023

World map

Overview

Title

money message attacks Micro-Star International

Victim

Micro-Star International

Attacker

Money Message

Location

New Taipei City, Taiwan

New Taipei City,

Size of Attack

Unknown/TBD

First Reported

April 6, 2023

Last Updated

October 31, 2022

“Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with an annual revenue that surpasses $6.5 billion. The threat actor has listed MSI on its data leak website and posted screenshots of what they claim to be the hardware vendor's CTMS and ERP databases and files containing software source code, private keys, and BIOS firmware. Money Message now threatens to publish all these allegedly stolen documents in about five days unless MSI meets its ransom payment demands. BleepingComputer highlighted this novel ransomware group's activity in a report published over the weekend and described the gang's attack chain, hinting at the possibility of the threat actors having breached a well-known computer hardware vendor. According to chats seen by BleepingComputer at the time, the threat actors claimed to have stolen 1.5TB of data from MSI's systems, including source code and databases, and demanded a ransom payment of $4,000,000.”

Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as Money Message...

Oh no!

This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.

8Base attacks Royal Insignia
Date
February 28, 2024
Ransomware group
8Base
Location

Singapore, Singapore

, Singapore

Industry
Retail Trade
Victim
Royal Insignia
8Base attacks Royal Insignia
Date
February 28, 2024
Ransomware group
8Base
Location

Singapore, Singapore

, Singapore

Industry
Retail Trade
Victim
Royal Insignia
Rhysida targets the Ann & Robert H Lurie Children's Hospital of Chicago
Date
February 27, 2024
Ransomware group
Rhysida
Location

Chicago, USA

Illinois, USA

Industry
Healthcare
Victim
Ann & Robert H Lurie Children's Hospital of Chicago
Rhysida targets the Ann & Robert H Lurie Children's Hospital of Chicago
Date
February 27, 2024
Ransomware group
Rhysida
Location

Chicago, USA

Illinois, USA

Industry
Healthcare
Victim
Ann & Robert H Lurie Children's Hospital of Chicago
Medusa targets JS International
Date
February 27, 2024
Ransomware group
Medusa
Location

Fall River, USA

Massachusetts, USA

Industry
Manufacturing
Victim
JS International
Medusa targets JS International
Date
February 27, 2024
Ransomware group
Medusa
Location

Fall River, USA

Massachusetts, USA

Industry
Manufacturing
Victim
JS International
BlackCat/ALPHV attacks S+C Partners
Date
February 26, 2024
Ransomware group
ALPHV
Location

South Mississauga, Canada

Ontario, Canada

Industry
Professional, Scientific & Technical Services
Victim
S+C Partners
BlackCat/ALPHV attacks S+C Partners
Date
February 26, 2024
Ransomware group
ALPHV
Location

South Mississauga, Canada

Ontario, Canada

Industry
Professional, Scientific & Technical Services
Victim
S+C Partners
Ransomhouse attacks Webber International University
Date
February 26, 2024
Ransomware group
RansomHouse
Location

Babson Park, USA

Florida, USA

Industry
Education
Victim
Webber International University
Ransomhouse attacks Webber International University
Date
February 26, 2024
Ransomware group
RansomHouse
Location

Babson Park, USA

Florida, USA

Industry
Education
Victim
Webber International University
Akira attacks the Municipality of Bjuvs
Date
February 26, 2024
Ransomware group
Akira
Location

Mejerigatan, Sweden

Bjuv, Sweden

Industry
State & Local Government
Victim
Municipality of Bjuvs
Akira attacks the Municipality of Bjuvs
Date
February 26, 2024
Ransomware group
Akira
Location

Mejerigatan, Sweden

Bjuv, Sweden

Industry
State & Local Government
Victim
Municipality of Bjuvs
Rhysida attacks Ironrock
Date
February 26, 2024
Ransomware group
Rhysida
Location

Canton, USA

Ohio, USA

Industry
Manufacturing
Victim
Ironrock
Rhysida attacks Ironrock
Date
February 26, 2024
Ransomware group
Rhysida
Location

Canton, USA

Ohio, USA

Industry
Manufacturing
Victim
Ironrock
Medusa attacks The Professional Liability Fund
Date
February 26, 2024
Ransomware group
Medusa
Location

Portland, USA

Oregon, USA

Industry
Finance & Insurance
Victim
The Professional Liability Fund
Medusa attacks The Professional Liability Fund
Date
February 26, 2024
Ransomware group
Medusa
Location

Portland, USA

Oregon, USA

Industry
Finance & Insurance
Victim
The Professional Liability Fund
Medusa attacks Penn Cinema
Date
February 26, 2024
Ransomware group
Medusa
Location

Lititz, USA

Pennsylvania, USA

Industry
Arts, Entertainment & Recreation
Victim
Penn Cinema
Medusa attacks Penn Cinema
Date
February 26, 2024
Ransomware group
Medusa
Location

Lititz, USA

Pennsylvania, USA

Industry
Arts, Entertainment & Recreation
Victim
Penn Cinema
CI0p targets The Peddie School
Date
February 26, 2024
Ransomware group
Cl0p
Location

Hightstown, USA

New Jersey, USA

Industry
Education
Victim
The Peddie School
CI0p targets The Peddie School
Date
February 26, 2024
Ransomware group
Cl0p
Location

Hightstown, USA

New Jersey, USA

Industry
Education
Victim
The Peddie School