Modulkit Hit by Meow Ransomware: 3GB of Sensitive Data Stolen
Ransomware Attack on Modulkit: Meow Ransomware Group Claims Responsibility
Modulkit, a prominent manufacturer of modular and custom wardrobes based in Manresa, Barcelona, has recently fallen victim to a ransomware attack orchestrated by the notorious Meow ransomware group. The attack has resulted in the exfiltration of over 3 GB of sensitive data, posing a significant threat to the company's operations and reputation.
Company Profile
Modulkit, officially registered as MODULKIT 21 SL, specializes in the design and manufacturing of modular furniture, with a particular focus on wardrobes. The company offers a diverse range of products, including sliding and hinged wardrobes, bespoke closet systems, and sanitary cabins. Modulkit is known for its innovative and customizable solutions, catering to both residential and commercial projects. The company operates primarily in the household and institutional furniture and kitchen cabinet manufacturing sector and is classified as a small to medium-sized enterprise (SME).
Attack Overview
The Meow ransomware group has claimed responsibility for the attack on Modulkit via their dark web leak site. The attackers have reportedly exfiltrated sensitive employee information, client details, scanned payment documents, personal data, technical drawings, and project designs. This breach not only threatens the security of Modulkit's clients and employees but also jeopardizes the company's reputation for high-quality, customizable furniture solutions.
About Meow Ransomware Group
Meow Ransomware emerged in late 2022 and has been associated with the Conti v2 ransomware variant. The group is known for targeting industries with sensitive data, such as healthcare and medical research. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. The group maintains a data leak site where they list victims who have not paid the ransom.
Penetration and Vulnerabilities
The exact method of penetration in the Modulkit attack is not publicly disclosed, but it is likely that the attackers exploited common vulnerabilities such as phishing emails or RDP vulnerabilities. Modulkit's focus on high-quality, customizable solutions and its extensive catalog of technical drawings and project designs make it an attractive target for ransomware groups seeking valuable data. The breach underscores the importance of stringent cybersecurity measures, particularly for SMEs in the manufacturing sector.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!