Ransomware Attack on Certified Transmission by MEOW Group

Certified Transmission, a prominent player in the automotive transmission remanufacturing and repair industry, has fallen victim to a ransomware attack orchestrated by the MEOW group. The attack has compromised over 30 GB of sensitive data, posing significant risks to the company's operational integrity and reputation.

Company Overview

Founded in 1979 and headquartered in Omaha, Nebraska, Certified Transmission specializes in the remanufacturing and wholesale distribution of vehicle transmissions. The company operates two remanufacturing facilities and maintains a network of 15 distributors and 14 retail locations across the United States. With approximately 500 employees, Certified Transmission is known for its high-quality products and exceptional customer service, guided by the principle "The Job Done Right...At The Right Price."

What Sets Certified Transmission Apart

Certified Transmission is distinguished by its commitment to quality and customer satisfaction. The company offers remanufactured transmissions that meet or exceed OEM specifications and provides a comprehensive warranty program, including a nationwide transferable warranty of 5 years or 100,000 miles. This dedication to quality and customer care has earned the company multiple awards, including the Better Business Bureau's National Torch Award for Marketplace Ethics.

Details of the Ransomware Attack

The MEOW ransomware group claims to have exfiltrated over 30 GB of sensitive data from Certified Transmission. The compromised data includes employee information, client details, scanned payment documents, personal data such as dates of birth, driver's license scans, social security numbers, and financial documents. The attackers have showcased sample screenshots of the stolen data on their dark web portal and are marketing it to potential buyers.

About MEOW Ransomware Group

MEOW Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group primarily targets organizations in the United States, employing various infection methods such as phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. MEOW Ransomware is known for posting victim data on their leak site if the ransom is not paid.

Potential Vulnerabilities

Certified Transmission's extensive network and large workforce may have contributed to its vulnerability to ransomware attacks. The company's reliance on digital systems for managing sensitive data, combined with potential weaknesses in cybersecurity measures, could have provided an entry point for the MEOW group. The attack underscores the critical need for enhanced cybersecurity protocols to protect against increasingly sophisticated ransomware threats.

Sources

• Certified Transmission
• SOCRadar - Dark Web Profile: MEOW Ransomware
• SalvageData - MEOW Ransomware
• WatchGuard - MEOW Ransomware
• PCRisk - MEOW Ransomware