Friend
Professional
- Messages
- 2,653
- Reaction score
- 845
- Points
- 113
In August, Meow accounted for 9% of all global ransomware attacks.
The Meow group has become the second most active cybercriminal organization, significantly increasing the number of attacks after rebranding. Meow emerged in March of this year as one of the four groups formed after the breakup of Conti. However, it has long been overshadowed by more well-known groups such as LockBit and RansomHub.
According to an August report by Check Point, Meow accounted for 9% of all global ransomware attacks, second only to RansomHub, which has confidently taken the place of LockBit. Meow is taking a new approach by shifting its focus from encrypting victims' files to stealing data, which is reminiscent of the strategy of another well-known group – Cl0p.
Initially, Meow functioned as a ransomware (RaaS), providing tools to carry out attacks. However, the group is now focusing on pure extortion, selling stolen data. For access to stolen data, Meow offers two payment options. The first option is a lower price for access to information, which can be purchased by others. The second option is a significantly higher amount for exclusive access, in which the data is allegedly deleted from the leaked site and is no longer sold. However, there are no guarantees that the information will actually be deleted and will not fall into the hands of others, and criminals can break their promise.
The cost of "non-exclusive" access ranges from $4,000 to $10,000, although some data is estimated to be as low as $150 to $40,000. Selling data instead of leaking it is generally considered a last resort for ransomware, however, in the case of Meow, it has become a mainstream strategy.
Experts from Check Point note that while the group's new tactics may be an attempt to stand out from competitors and increase pressure on victims, its profitability is questionable. Many cases of data being sold do not generate the expected revenue, as the information is often unclaimed by other cybercriminals.
Meanwhile, RansomHub remained the leader in the number of attacks in August, accounting for 15% of all ransomware attacks. This group, which replaced LockBit and ALPHV/BlackCat, uses sophisticated encryption techniques and targets Windows, macOS, Linux, and VMware ESXi systems. RansomHub strengthened its leadership after it received former partners of disbanded groups into its ranks.
Despite the active actions of law enforcement agencies, LockBit continues to operate, although it has lost most of its power. In August, 8% of attacks were still related to the use of its LockBit 3 ransomware, which has long been available for use by other criminals after its source code was leaked.
Experts warn that the cybercrime market remains tense, and organizations need to be more vigilant to protect themselves from the growing ransomware threat.
Source
The Meow group has become the second most active cybercriminal organization, significantly increasing the number of attacks after rebranding. Meow emerged in March of this year as one of the four groups formed after the breakup of Conti. However, it has long been overshadowed by more well-known groups such as LockBit and RansomHub.
According to an August report by Check Point, Meow accounted for 9% of all global ransomware attacks, second only to RansomHub, which has confidently taken the place of LockBit. Meow is taking a new approach by shifting its focus from encrypting victims' files to stealing data, which is reminiscent of the strategy of another well-known group – Cl0p.
Initially, Meow functioned as a ransomware (RaaS), providing tools to carry out attacks. However, the group is now focusing on pure extortion, selling stolen data. For access to stolen data, Meow offers two payment options. The first option is a lower price for access to information, which can be purchased by others. The second option is a significantly higher amount for exclusive access, in which the data is allegedly deleted from the leaked site and is no longer sold. However, there are no guarantees that the information will actually be deleted and will not fall into the hands of others, and criminals can break their promise.
The cost of "non-exclusive" access ranges from $4,000 to $10,000, although some data is estimated to be as low as $150 to $40,000. Selling data instead of leaking it is generally considered a last resort for ransomware, however, in the case of Meow, it has become a mainstream strategy.
Experts from Check Point note that while the group's new tactics may be an attempt to stand out from competitors and increase pressure on victims, its profitability is questionable. Many cases of data being sold do not generate the expected revenue, as the information is often unclaimed by other cybercriminals.
Meanwhile, RansomHub remained the leader in the number of attacks in August, accounting for 15% of all ransomware attacks. This group, which replaced LockBit and ALPHV/BlackCat, uses sophisticated encryption techniques and targets Windows, macOS, Linux, and VMware ESXi systems. RansomHub strengthened its leadership after it received former partners of disbanded groups into its ranks.
Despite the active actions of law enforcement agencies, LockBit continues to operate, although it has lost most of its power. In August, 8% of attacks were still related to the use of its LockBit 3 ransomware, which has long been available for use by other criminals after its source code was leaked.
Experts warn that the cybercrime market remains tense, and organizations need to be more vigilant to protect themselves from the growing ransomware threat.
Source
