MercuryGate Faces Cybersecurity Breach by Cl0p Ransomware Group

Incident Date: Jan 18, 2025

Attack Overview

Victim: MercuryGate
Industry: Software
Location: USA
Attacker: Clop
First Reported: January 18, 2025

Ransomware Attack on MercuryGate by Cl0p: A Detailed Analysis

MercuryGate International, a leading provider of transportation management software, has recently fallen victim to a ransomware attack orchestrated by the notorious Cl0p group. This incident, discovered on January 20, 2025, highlights the ongoing threat posed by sophisticated cybercriminals targeting critical software providers.

About MercuryGate

Founded in 2000, MercuryGate is headquartered in Cary, North Carolina, and employs over 300 people. The company is renowned for its cloud-based Transportation Management System (TMS) that supports various transportation modes, including truckload, LTL, air, ocean, and rail. MercuryGate's platform is designed to streamline logistics operations, offering features such as shipment planning, full shipment visibility, and automated settlement. Their focus on transportation management automation and use of AI and machine learning distinguishes them in the logistics industry.

Attack Overview

The Cl0p ransomware group claims to have accessed MercuryGate's database, though the full extent of the breach remains undisclosed. This attack underscores the vulnerabilities inherent in software companies that manage sensitive logistics and supply chain data. The breach could disrupt MercuryGate's operations and compromise the data of its clients, which include shippers, 3PLs, and freight forwarders.

Cl0p Ransomware Group

Active since 2019, Cl0p has established itself as a formidable threat actor, known for exploiting vulnerabilities in managed file transfer software. The group has previously targeted platforms like MOVEit and GoAnywhere, causing significant data breaches. Cl0p is distinguished by its use of double extortion tactics, threatening to expose sensitive data if ransom demands are not met. Their recent campaigns have involved exploiting zero-day vulnerabilities and deploying custom malware to maintain access to compromised systems.
