Latest Tech News

MSI Ransomware Attack Takes a New Turn with Leaked Code Signing Keys on Dark Web


Recently, the cybercriminals behind the ransomware attack on Taiwanese computer hardware maker MSI leaked the company’s private code signing keys on the Dark Web. The leaked data includes firmware image signing keys for 57 PCs and private signing keys for Intel Boot Guard used on 116 MSI products. According to cybersecurity experts, the Boot Guard keys from MSI could impact several device vendors, including Intel, Lenovo, and Supermicro.

Intel Boot Guard is a hardware-based security technology designed to protect computers from executing tampered UEFI firmware. The leak of the keys poses significant risks, as hackers could use them to sign malicious updates and other payloads and deploy them on targeted systems without raising any red flags.

The leak of MSI’s private code signing keys is a significant development that could have far-reaching consequences for the tech industry. The impact could be felt across the ecosystem, from individual users to large enterprises. The leaked keys could be used to sign malware with MSI’s digital signature, bypassing security measures put in place to detect and prevent malicious software. This could potentially lead to widespread malware infections, data breaches, and other cyber attacks that could affect millions of users worldwide.

It is important for companies to take cybersecurity seriously and implement robust security measures to protect their assets, including code signing keys. Users are advised to obtain firmware/BIOS updates only from official websites and refrain from downloading files from other sources. It is also crucial for companies to collaborate and share information to prevent and mitigate cyber attacks.

This is not the first time that UEFI firmware code has entered the public domain. In October 2022, Intel acknowledged the leak of Alder Lake BIOS source code by a third party, which also included the private signing key used for Boot Guard. The recent leak of MSI’s private code signing keys serves as another stark reminder of the importance of cybersecurity and the need for companies to take proactive steps to protect their assets and prevent cyber attacks.

Creative Mind

Hello Dope SOUL'S, I'm the founder of, a self-taught blogger with a passion for technology. My journey began with a fascination for tech's power to shape our world, leading me to self-learn computer science and engineering. After years as a self-taught software engineer, I realized my true calling lay in sharing knowledge. This inspired, where I provide valuable insights on tech trends, gadgets, and software. As a self-taught blogger, I explore new tech, analyze trends, and offer honest reviews. I believe in demystifying complex subjects for both tech enthusiasts and beginners. Beyond blogging, I actively engage in tech conferences, collaborating with industry pros to ensure my content stays accurate and relevant. is a platform dedicated to sharing knowledge, connecting with the tech community, and helping readers navigate the ever-evolving tech landscape. Thanks for joining this journey. Stay curious and tech-savvy! Best regards, [Creative Mind] Founder,

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button