Now that the keys used to sign legitimate software by MSI have been leaked following a hack, the likelihood of successful attacks through the software supply chain has increased.
MSI does not have an automatic patch system for its laptops, as HP and Dell do. That’s a problem, as the manufacturer has no way to easily and quickly revoke compromised digital keys. Such keys were leaked in a hack last month, allowing hackers to sign rogue software as if it came from MSI itself. Such malware would be treated as trustworthy by MSI computers, giving hackers the opportunity to compromise the computers.
Dangerous but not easy
Actually, it is important for MSI to withdraw the leaked keys as soon as possible and replace them with new ones, but according to Binarly’s Alex Matrosov, which discovered the leak of the keys, the manufacturer has no ready method to do that. Moreover, official guidelines on security are not forthcoming. This is particularly annoying since systems for the business market are also vulnerable after the hack.
That’s not to say that it’s suddenly easy for attackers to break into MSI computers. A successful attack with a signed piece of malware must first reach a target computer. To do this, hackers have to look for or exploit other vulnerabilities, although a vector can be as simple as phishing.
2023-05-11 07:52:37
#Leaked #MSI #Keys #Open #Door #Supply #Chain #Attack
