Data breach of MSI Leaks Intel BootGuard OEM Image Signing Keys

A breach of MSI's servers has resulted in the exposure of Intel's BootGuard keys, posing a significant security risk to various devices. The breach, carried out by a hacker group known as Money Message, led to the theft of 1.5 TB of data, including source code and other important files. Despite the group's demand for a $4.0 million ransom, MSI refused to pay, prompting the hackers to release the files publicly. The leaked data contains Intel BootGuard keys from MSI, impacting not only MSI but also other major vendors such as Intel, Lenovo, and Supermicro. These keys play a crucial role in identifying untrusted and potentially malicious software. With access to these keys, attackers can compromise the security of affected devices by tagging malware as trusted. MSI has advised customers to only download UEFI/BIOS firmware from its official websites to avoid potential compromises. The leaked files are likely to circulate on the web, raising concerns about the presence of malicious code. The breach not only affects Intel BootGuard technology but also other OEM signing-based mechanisms within CSME. Intel and its affected partners have yet to comment on their plans to address this significant security flaw resulting from the breach.