A security breach in March resulted in MSI losing up to 1.5TB of sensitive data. However, this breach did not only affect MSI.
Following the breach, Intel is now investigating a significant leak of Intel Boot Guard keys. The extent of the damage is still uncertain, but the worst-case scenario is that these keys are now ineffective on compromised devices, which is quite an extensive list.
The whole situation appears to have begun with the MSI data breach earlier this year. The Money Message extortion gang targeted MSI in March, claiming to have stolen around 1.5TB of sensitive data. It demanded a ransom of $4 million to prevent the data from being leaked publicly.
However, MSI refused to pay the ransom, and unfortunately, the hacker gang followed through, leaking the firmware source code of MSI’s motherboards.
According to Alex Matrosov, the CEO of Binarly, a security platform, the source code may have contained some really sensitive information, such as Intel Boot Guard private keys for 116 MSI products.
Intel Boot Guard prevents the loading of malicious firmware on Intel hardware. The fact that it’s now compromised makes this as much Intel’s problem as it is MSI’s. If threat actors gain access to these keys, they might be able to create powerful malware that’s capable of bypassing Intel’s security measures.
Matrosov claims that Intel Boot Guard may now be ineffective on some of Intel’s best processors, including Tiger Lake, Alder Lake, and Raptor Lake chips running on MSI-based devices.
In a statement to Bleeping Computer, Intel said: “Intel is aware of these reports and actively investigating. There have been researcher claims that private signing keys are included in the data, including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys.”
It’s difficult to estimate the magnitude of this leak. It’s possible that it has opened the door to the creation of malware that can bypass Intel Boot Guard, which could be harmful to the affected devices.
If you’re using a build with an MSI motherboard and an Intel chip, take the usual security measures to stay safe. This includes not downloading files from sources you don’t trust and regularly scanning your computer with antivirus software, if you’re using any. We’ll have to wait for Intel and MSI to share more information on the data breach to know what happens next.
Editors’ Recommendations
Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessory action within 24 hours.
Alex Smith is a writer and editor with over 10 years of experience. He has written extensively on a variety of topics, including technology, business, and personal finance. His work has been published in a number of magazines and newspapers, and he is also the author of two books. Alex is passionate about helping people learn and grow, and he believes that writing is a powerful tool for communication and understanding.