May 09, 2023 – Intel is currently investigating the recent leak of MSI product information and taking appropriate measures to protect users from potential threats. The leak occurred after the Money Message ransomware group attacked MSI, stealing 1.5TB of data, including firmware, source code, and databases. The group then demanded $4 million as ransom from MSI, which was refused. Last week, the group released the stolen data to the public.
Upon analyzing the data, researchers discovered that it contained MSI OEM signing keys for Intel Boot Guard. However, Intel responded by stating that “Intel BootGuard OEM keys are generated by system manufacturers and are not Intel signing keys.”
To safeguard users from installing malicious firmware, Boot Guard will utilize embedded public keys in Intel hardware to validate if the firmware has undergone legitimate private signing key authentication. With this added security measure, Intel aims to protect its users from any potential risks and threats that may arise from the recent data leak.