Marketron Radio Pwned By Hackers Impacting 6000 Customers

InsideRadio reporting of Marketron Radio hit by a cyberattack. It’s so bad virtually all of its systems are offline. The cyberattack hit over the weekend and is impacting all 6,000 customers. CEO Jim Howard has stated Russian criminal organization BlackMatter is responsible. And if you’re keeping track, BlackMatter seems to be pwning all sorts of companies:

“Marketron recently discovered a cyberattack involving certain aspects of our network infrastructure that is causing an interruption in our normal business operations,” VP of Marketing Bo Bandy told Inside Radio. “Immediately upon learning of this event, we took swift action to notify law enforcement, secure our systems and information, and contain the event.”

The company, which manages $5 billion in annual U.S. advertising revenue, says it’s working with third-party specialists to assist in its response and recovery efforts, which include working to investigate the source and root cause, understand the full nature and scope of the event, and to restore full functionality. “We are also working to confirm the security of our systems and to assess the existing security measures we have in place to protect the integrity of our systems and data,” Bandy said.

Marketron’s customers were informed about the breach Sunday night in an email from CEO Jim Howard. 

“This issue comes despite significant recent investments in separating backup and disaster recovery in different physical and network environments, instituting ‘zero trust’ access management policies, and new security detection and recovery tools,” Howard said in the email. “We have not yet discovered how the hackers exploited our networks.”

Howard said the company is communicating with both BlackMatter and the FBI and using all of its resources to restore systems as quickly as possible. The company has set up a status page to keep clients informed and set up a help line for customers at 888-239-8878 or via email at help@marketron.com.

Saumitra Das, CTO and Cofounder, Blue Hexagon had this to say about this epic attack:

Blackmatter is the resurgence of folks associated with the DarkSide and REvil group (famous for the Colonial pipeline attack). Both of these groups were either shutdown or went dark after the high profile attacks they pursued brought pushback from the US and other government entities. They operate a ransomware-as-a-service platform which includes initial access brokers (IAB) and ransomware affiliates doing the initial legwork.  As is common, these always occur during the weekend where it is the hardest to get staff back in to respond quickly.

Expect to hear more from DarkMatter as this criminal organization clearly has some momentum. Which is bad news for everybody else.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: