HackDig : Dig high-quality web security articles

Sandhills online machinery markets shut down by ransomware attack

2021-10-02 19:58

Industry publication giant Sandhills Global has suffered a ransomware attack, causing hosted websites to become inaccessible and disrupting their business operations.

Sandhills Global is a US-based trade publication and hosting company catering to the transportation, agriculture, aircraft, heavy machinery, and technology industries.

Sandhills publishes various printed and hosted trade publications containing industry news and a marketplace for dealers to sell related new and used machinery.

Sandhills hit with a ransomware attack

Starting yesterday, the website for Sandhills Global and all of their hosted publications went offline, and their phones stopped working.

When attempting to access websites hosted on Sandhills' platform, users are greeted with a Cloudflare Origin DNS error page, indicating that Cloudflare is unable to connect to Sandhills' servers.

Cloudflare error 1016 when attempting to connect to Sandhills' sites

Numerous sources have told BleepingComputer that a Conti ransomware attack is behind these outages.

This attack reportedly took place in the early morning hours of Thursday, causing the company to shut down all of its IT systems to prevent the attack's spread.

Some of the well-known publications operated by Sandhills that are no longer accessible include Truck Paper, TractorHouse, AuctionTime, Machinery Trader, ForestryTrader, HiBid, RentalYard, Motorsports Universe, CraneTrader, MarketBook, RV Universe, Oil Field Trader, Aircraft, LiveStockMarket, Controller, and Aircraft.com.

The Conti ransomware gang has been responsible for a wide range of attacks over the years, including high-profile attacks against JVCKenwood, the City of Tulsa, Ireland's Health Service Executive (HSE), and Advantech.

When conducting attacks, the Conti gang usually steals files before encrypting devices, using the stolen data as extra leverage during its extortion attempts. The gang then demands multi-million ransoms in exchange for a decryptor and a promise not to leak the stolen data.

It is unknown how much Conti is demanding from Sandhills and whether they stole data during the attack.

BleepingComputer has contacted Sandhills with questions about the attack but has not received a response at this time.


Source: www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ranso
