EnviroNET Inc. Falls Victim to Meow Ransomware Attack

EnviroNET Inc., a prominent environmental consulting firm based in Davenport, Iowa, has recently been targeted by the notorious Meow Ransomware group. The attack has resulted in the exfiltration of over 220 GB of sensitive data, which has been disclosed on the ransomware group's dark web leak site.

About EnviroNET Inc.

EnviroNET Inc. specializes in providing comprehensive environmental management solutions, focusing on monitoring and controlling environmental impacts across various industries. Established in 1995, this Veteran-Owned and SBA-certified HUBZone firm operates out of Kamuela, Hawaii, with additional operations in Davenport, Iowa. The company employs approximately 24 individuals and has an annual revenue of about $23.9 million.

EnviroNET Inc. is recognized for its innovative monitoring solutions, which include advanced systems for air quality monitoring, water quality assessment, and waste management. These services are crucial for compliance with regulatory standards and for promoting public health. The company also offers consulting services to guide clients through the complexities of environmental regulations and best practices.

Details of the Ransomware Attack

The ransomware attack on EnviroNET Inc. has exposed a significant amount of confidential data, including employee records, client information, and personal documents such as identification scans. The compromised data reportedly includes sensitive information from a range of clients, including municipal, property, and federal organizations, primarily located in the Midwest.

This incident highlights the vulnerabilities faced by organizations that manage sensitive environmental and engineering data. The exposure of both corporate and individual information underscores the significant risks associated with such data breaches.

About Meow Ransomware Group

Meow Ransomware is a group that emerged in late 2022 and has been associated with the Conti v2 ransomware variant. The group employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms.

Meow Ransomware is known for targeting industries with sensitive data, such as healthcare and medical research. They maintain a data leak site where they list victims who have not paid the ransom. The group leaves behind a ransom note named "readme.txt" that instructs victims to contact them via email or Telegram to negotiate the ransom payment and retrieve their encrypted files.

Potential Vulnerabilities

EnviroNET Inc.'s focus on environmental monitoring and consulting services makes it a prime target for ransomware groups like Meow. The company's reliance on advanced technological solutions and the sensitive nature of the data it handles increase its vulnerability to cyberattacks. The use of RDP vulnerabilities and phishing emails by the Meow Ransomware group could have been potential entry points for the attack.

Sources

• ENVEA Global
• Better Business Bureau
• SOCRadar
• SalvageData
• Alvaka Networks