Motherboard maker MSI announced today that they’re been the victim of a cyber attack and warned about rogue firmware.

Seems obvious that one should only load motherboard firmware from BLOBs provided by the mobo maker.  If someone compromised MSI, they may be able to effectively provide functional yet subverted firmware.  That would be a rootkit author’s dream.

It’s not clear if MSI’s firmware distribution channel was subverted.  Did someone break into MSI and replace their public downloads with cracked firmware?  They don’t say this happened.  Another concern would be if the hackers got away with signing keys or source code that would allow them to write their own evil firmware.

So if you’re a gamer, be careful!  Thanks to LowEndTalk admin @DP for sharing the news.

Here’s the press release from MSI:

MSI recently suffered a cyberattack on part of its information systems. Upon detecting network anomalies, the information department promptly activated relevant defense mechanisms and carried out recovery measures, and reported the incident to government law enforcement agencies and cybersecurity units. Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business.

MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.

MSI is committed to protecting the data security and privacy of consumers, employees, and partners, and will continue to strengthen its cybersecurity architecture and management to maintain business continuity and network security in the future.

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• We Love Cheap Yearly VPS Offers: $10.18/Year from DediRock in New York or Los Angeles! - March 9, 2025
• This Offer from VeloxMedia is Packed Full of Bonuses for Our Readers! Cheap Dedicated Server and Cheap VPS Offers in Seattle and California! - March 8, 2025
• Google Summer of Code 2025 is Almost Here!Check Out What BorgBase Needs and How You Can Earn a Nice Stipend - March 7, 2025