This means that seemingly legitimate updates may actually contain malicious payloads that infect users’ devices without triggering any warnings. Worse still, unlike major hardware manufacturers like Dell and HP, MSI does not have an automated fix process and the ability to revoke leaked keys. “It’s like a doomsday scenario where it’s very difficult to update the devices at the same time… and they will use the old key for authentication,” Matrosov said. “This is very difficult to resolve and I don’t think MSI has any fallback solution to really prevent key leaks”
The extent of the damage became known when the Money Message hacker group identified MSI as the victim and shared screenshots of private encryption keys and source code. Of particular concern is the signing key used to authenticate MSI firmware updates. In the wrong hands, this key can be used to distribute infected updates to unsuspecting users. Matrosov stressed the seriousness of the situation and the need for MSI to quickly address the implications for security.
While there have been no reports of supply chain attacks targeting MSI customers so far, having the signing key significantly reduces the effort and resources required for such an attack by hackers.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
