{
	"id": "c961f67f-2cbc-4205-82d4-12b8c108233e",
	"created_at": "2026-04-06T00:07:23.702692Z",
	"updated_at": "2026-04-10T03:21:09.096313Z",
	"deleted_at": null,
	"sha1_hash": "f4f4ce5c7894feab129c94b1fdd97577c257cba3",
	"title": "Sandhills online machinery markets shut down by ransomware attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1484473,
	"plain_text": "Sandhills online machinery markets shut down by ransomware attack\r\nBy Lawrence Abrams\r\nPublished: 2021-10-02 · Archived: 2026-04-05 17:40:45 UTC\r\nIndustry publication giant Sandhills Global has suffered a ransomware attack, causing hosted websites to become\r\ninaccessible and disrupting their business operations.\r\nSandhills Global is a US-based trade publication and hosting company catering to the transportation, agriculture, aircraft,\r\nheavy machinery, and technology industries.\r\nSandhills publishes various printed and hosted trade publications containing industry news and a marketplace for dealers to\r\nsell related new and used machinery.\r\nhttps://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/\r\nPage 1 of 4\n\nhttps://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nSandhills hit with a ransomware attack\r\nStarting yesterday, the website for Sandhills Global and all of their hosted publications went offline, and their phones\r\nstopped working.\r\nWhen attempting to access websites hosted on Sandhills' platform, users are greeted with a Cloudflare Origin DNS error\r\npage, indicating that Cloudflare is unable to connect to Sandhills' servers.\r\nNumerous sources have told BleepingComputer that a Conti ransomware attack is behind these outages.\r\nThis attack reportedly took place in the early morning hours of Thursday, causing the company to shut down all of its IT\r\nsystems to prevent the attack's spread.\r\nSome of the well-known publications operated by Sandhills that are no longer accessible include Truck Paper, TractorHouse,\r\nAuctionTime, Machinery Trader, ForestryTrader, HiBid, RentalYard, Motorsports Universe, CraneTrader, MarketBook, RV\r\nUniverse, Oil Field Trader, Aircraft, LiveStockMarket, Controller, and Aircraft.com.\r\nThe Conti ransomware gang has been responsible for a wide range of attacks over the years, including high-profile attacks\r\nagainst the JVCKenwood, the City of Tulsa, Ireland's Health Service Executive (HSE), and Advantech.\r\nWhen conducting attacks, the Conti gang usually steals files before encrypting devices to use as extra leverage during their\r\nextortion attempts. They then demand multi-million ransom demands to receive a decryptor and not leak stolen data.\r\nIt is unknown how much the Conti is demanding from Sandhills and whether they stole data during the attack.\r\nBleepingComputer has contacted Sandhills with questions about the attack but has not received a response at this time.\r\nWhile Sandhills Global has not responded to our emails, an email sent to customers and shared with BleepingComputer\r\nconfirm the ransomware attack. \r\nSandhills Global is currently responding to a ransomware attack that impacted our operations.  Systems and\r\noperations have been temporarily shut down to protect data and information, and we have retained cybersecurity\r\nexperts to assist us with the investigation, which is ongoing.  We are working actively and diligently with the\r\nassistance of our retained experts to fully restore operations.  \r\nAt this time, we are continuing to investigate whether any of our client's information has been accessed or\r\nimpacted by this incident.  At this time, we have not discovered evidence that confirms that customer information\r\nhas been compromised.  Please know that our clients are our number one priority and we are working diligently to\r\nrestore operations and remediate the attack.  At this time, our ability to respond to your messages may be\r\ndelayed. We appreciate your patience and deeply regret any inconvenience this may cause.\r\nWe will provide updates regarding this matter and the status of our services as soon as possible.  \r\nUpdate 10/3/21: Added statement sent to Sandhills customers\r\nhttps://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/\r\nhttps://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/sandhills-online-machinery-markets-shut-down-by-ransomware-attack/"
	],
	"report_names": [
		"sandhills-online-machinery-markets-shut-down-by-ransomware-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775434043,
	"ts_updated_at": 1775791269,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f4f4ce5c7894feab129c94b1fdd97577c257cba3.pdf",
		"text": "https://archive.orkl.eu/f4f4ce5c7894feab129c94b1fdd97577c257cba3.txt",
		"img": "https://archive.orkl.eu/f4f4ce5c7894feab129c94b1fdd97577c257cba3.jpg"
	}
}