BlackMatter Ransomware hit Marketron Marketing Services

BlackMatter Ransomware hit Marketron Marketing Services

BlackMatter ransomware group over the weekend hit Marketron, a business software solution facilitates that serves more than 6,000 customers in the Media industry. Marketron facilitates cloud-based revenue and traffic management pieces of equipment for broadcast and media companies. It specifies revenue management and audience engagement, handling advertising revenue of $5 billion every year.

In Conversation with BlackMatter Ransomware

Marketron customers learned of the incident in an email on previous days from the organization’s CEO, Jim Howard, who said that “the Russian criminal organization BlackMatter” was answerable for the attack.

This would be another ransomware attack over the past weekend assert by the BlackMatter, as the group also hijacked the NEW Cooperative U.S. farmers organization, and asked for a $5.9 million ransom.

Howard is conciliatory in his email to customers, saying that they do not know how the hackers breached the network since the company made significant investments recently in cybersecurity implementations designed to protect from intruders.

“This issue comes despite significant recent investments in separating backup and disaster recovery in different physical and network environments, instituting ‘zero trust’ access management policies, and new security detection and recovery tools” – Jim Howard, Marketron CEO

Howard also says that the company was communicating with the hackers as well as the Federal Bureau of Investigation (FBI) and that all efforts are towards restoring the systems as quickly as possible.    

Blackmatter-Ransomware-hit-Marketron-Marketing-Services-image1

Services are also not working

Marketron announced the incident saying that it was dealing with a “cyber event” that disrupted some of its business operations and impacted all its customers in recent days. “Currently, all Marketron services are offline,” the organization declared, computing that the attack affected the Marketron Traffic, Visual Traffic Cloud, Exchange, and Advertiser Portal services.

RadioTraffic and RepPak services were still standing but the company took them offline as a precaution. The only platforms that remained online were Pitch, Email Marketing, and Mobile Messaging.

Bo Bandy, Marketron’s VP of Marketing, disclosed the issues publicly on Monday saying that third-party forensic investigators were working “to understand the full nature and scope of the event, determine root cause, and to ensure the integrity, safety, and security of our systems and data.”

“We are inadequate to establish the root cause of the event at this moment and this research is very much on-going” – Bo Bandy, Marketron VP of Marketing. Bandy told our security experts that the company discovered the attack and acted “to notify law enforcement, secure our systems and data, and contain the event.”

The BlackMatter ransomware is believed to be a rebrand of the DarkSide ransomware operation, which shut down after attacking Colonial Pipeline in May. The group has been extremely active, running more than a dozen organizations this month alone. Its freshest victims count organization are given below:

  • Wine and spirits company
  • Investment banking services provider in the U.S.
  • Vendor of citrus juicing equipment in Austria
  • Maker of drilling and foundation equipment in Italy
  • Japanese technology giant Olympus
  • US-based construction company
  • Unified communications company in the UK

Leave a Reply