blackbyte attacks M+R SPEDAG GROUP

Incident Date:

May 2, 2022

World map



blackbyte attacks M+R SPEDAG GROUP






Muttenz, Switzerland

Muttenz, Switzerland

First Reported

May 2, 2022

M+R Spedag Group Targeted by BlackByte Ransomware Group

M+R Spedag Group, a Switzerland-based international freight and logistics company, has been targeted by the BlackByte ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is The company operates in the Transportation sector and offers industry-specific solutions for various industries.

Company Overview

M+R Spedag Group provides comprehensive logistics and transport services, covering all important segments in the field of logistics and transport. They are committed to corporate and ecological responsibility, and their company magazine, HORIZON, reports about highlights of their activities worldwide.

Vulnerabilities and Targeting

The attack on M+R Spedag Group highlights the increasing targeting of supply chain and logistics companies by ransomware groups. These attacks can cause significant disruption and financial losses, as seen in the case of Toll Group, which was forced to shut down online systems and experienced delays in deliveries after a ransomware attack.

Mitigating Ransomware Attacks

To mitigate the risks of ransomware attacks, companies should maintain a crisis management plan, regularly communicate with customers, and ensure they have a means of being contactable by their customers and answerable to any questions. Additionally, keeping software up to date and using reputable anti-virus/anti-spyware suites can help protect against ransomware infections.


  • Toll held to ransom as cyber attack stalls deliveries - AFR. URL:
  • A Cyberattack Forced a Logistics Company to Temporarily Halt Operations. URL: (URL not found, please refer to credible news sources for information)
  • Weekly Ransomware Wrap-Up: May 6, 2022 - SpearTip. URL:
  • As ransomware attacks hit trucking, victims face costly dilemma. URL: (URL not found, please refer to credible news sources for information)
  • .data (Dharma) Ransomware - Decryption, removal, and lost files. URL: (URL not found, please refer to credible cybersecurity resources for information)

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.