Ransom crooks claim legendary music tech company Marshall as victim


Marshall, a British amplifier and speaker-cabinet maker, was added to the victim list of ransomware gang Black Basta’s dark-web blog.

Ransomware gang Black Basta added the legendary music equipment maker to its leak site, which cybercriminals use to claim attacks and showcase their latest victims.

Usually, organizations appear on a ransomware gang’s site after threat actors have breached the company and stolen its data. We have reached out to Marshall via its “contact us” page, but did not receive a reply before going to press.

Marshall started selling music equipment in 1962 and was instrumental in developing the rock-music scene of the era. To this day, Marshall amplifiers and speaker cabinets can still be seen in concerts alongside contemporary musicians.

Marshall Black Basta
Marshall on Black Basta's leak site. Image by Cybernews.

Black Basta first appeared in 2022, hitting dozens of companies in its first few weeks. According to the dark-web monitoring platform, DarkFeed, Black Basta has struck 153 organizations since its strain of malware was first discovered.

The gang employs double-extortion tactics to muscle victims into paying a ransom. Cybercriminals that use this model often publish stolen data bit by bit, expecting victims to succumb to internal and external pressure.

Researchers believe Black Basta operators are associated with the notorious Russia-linked cybercrime gang FIN7, reported in November last year as having been active players in the cyber espionage underworld for around a decade.