Gaston Fence Co. Hit by Meow Ransomware: 20GB of Sensitive Data Compromised

Incident Date:

August 13, 2024

World map

Overview

Title

Gaston Fence Co. Hit by Meow Ransomware: 20GB of Sensitive Data Compromised

Victim

Gaston Fence Co., Inc

Attacker

Meow

Location

Dallas, USA

North Carolina, USA

First Reported

August 13, 2024

Ransomware Attack on Gaston Fence Co., Inc. by Meow Ransomware Group

Gaston Fence Co., Inc., a well-established fencing solutions provider based in Dallas, North Carolina, has recently fallen victim to a ransomware attack orchestrated by the notorious Meow Ransomware group. This attack has resulted in the compromise of over 20 GB of sensitive data, including employee information, client details, document scans, and financial records.

Company Profile

Founded in 1965, Gaston Fence Co., Inc. specializes in a comprehensive range of fencing solutions tailored to residential, agricultural, commercial, and industrial applications. The company operates primarily in the western Piedmont of North Carolina and upstate South Carolina. Over its three generations of operation, Gaston Fence has built a reputation for quality and service, offering products such as residential fences, farm fencing, commercial and industrial fencing, access control systems, temporary fencing, and guard rails.

Gaston Fence Co. is notable for its designation as a Blue Ribbon Contractor by the American Fence Association, a recognition awarded to companies that demonstrate the highest ethical and professional standards in the industry. The company employs between 11 and 50 individuals and has a strong presence in its service area, handling projects for governmental agencies, hospitals, schools, and private residences.

Attack Overview

The Meow Ransomware group has claimed responsibility for the attack on Gaston Fence Co., Inc. via their dark web leak site. The attackers are offering the stolen data for sale, with a price tag of $6,000, and a discounted rate of $2,000 for multiple buyers. This breach poses a significant threat to the company's reputation and the privacy of its clients and employees.

About Meow Ransomware Group

Meow Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group has been highly active, primarily targeting victims in the United States. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms.

The group maintains a data leak site where they list victims who have not paid the ransom. They are known for targeting industries with sensitive data, such as healthcare and medical research. The ransomware group leaves behind a ransom note named "readme.txt" that instructs victims to contact them via email or Telegram to negotiate the ransom payment.

Potential Vulnerabilities

Gaston Fence Co., Inc.'s extensive handling of sensitive data, including employee and client information, makes it a prime target for ransomware attacks. The company's reliance on digital systems for operations and record-keeping could have provided multiple entry points for the attackers. The use of phishing emails and RDP vulnerabilities are common methods employed by ransomware groups like Meow to penetrate company systems.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.