Motherboard maker MSI announced today that they’re been the victim of a cyber attack and warned about rogue firmware.

Seems obvious that one should only load motherboard firmware from BLOBs provided by the mobo maker.  If someone compromised MSI, they may be able to effectively provide functional yet subverted firmware.  That would be a rootkit author’s dream.

It’s not clear if MSI’s firmware distribution channel was subverted.  Did someone break into MSI and replace their public downloads with cracked firmware?  They don’t say this happened.  Another concern would be if the hackers got away with signing keys or source code that would allow them to write their own evil firmware.

So if you’re a gamer, be careful!  Thanks to LowEndTalk admin @DP for sharing the news.

Here’s the press release from MSI:

MSI recently suffered a cyberattack on part of its information systems. Upon detecting network anomalies, the information department promptly activated relevant defense mechanisms and carried out recovery measures, and reported the incident to government law enforcement agencies and cybersecurity units. Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business.

MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.

MSI is committed to protecting the data security and privacy of consumers, employees, and partners, and will continue to strengthen its cybersecurity architecture and management to maintain business continuity and network security in the future.

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• Multiple POPs Down For Days: Is Path.net Circling the Drain? - January 30, 2025
• AI Pushes the Doomsday Clock a Second Closer to Midnight - January 29, 2025
• QuadraNet’s LA Datacenter Has Been Offline for Five Days - January 28, 2025