Meow Ransomware Hits Artesanía Chopo: 85GB Data Exfiltrated

Incident Date: August 27, 2024

Overview

Victim: Artesanía Chopo

Attacker: Meow

Location: Fuenlabrada, Spain

First Reported: August 27, 2024

Ransomware Attack on Artesanía Chopo by Meow Ransomware Group

Artesanía Chopo, a prominent Spanish company specializing in arts and crafts supplies, has recently fallen victim to a ransomware attack orchestrated by the notorious Meow ransomware group. The attackers have claimed responsibility for exfiltrating over 85 GB of sensitive data from the company, posing significant risks to the privacy and security of both employees and customers.

About Artesanía Chopo

Artesanía Chopo, officially registered as Artesania Chopo S.L., is based in Fuenlabrada, Madrid, Spain. The company is recognized as the largest distributor of craft and fine arts products in the country, catering to both retail and wholesale markets. Despite its modest size, with approximately 11 employees and an estimated annual revenue of around $1 million, Artesanía Chopo stands out for its extensive inventory and commitment to serving the crafting community.

The company operates both physical stores and an online shop, offering a wide range of materials and tools for various artistic endeavors. They are well-regarded for their creative workshops and educational initiatives, which help customers develop their skills and explore new artistic techniques. Artesanía Chopo also maintains an active online presence, particularly on YouTube, where they share tutorials and project ideas under the channel name "ManualidadesChopo."

Attack Overview

The ransomware attack on Artesanía Chopo was claimed by the Meow ransomware group via their dark web leak site. The attackers have reportedly exfiltrated over 85 GB of sensitive data, including employee information, client details, scanned payment documents, internal company expenses, and other personal and sensitive information. The ransom demand for the return of the stolen data is set at $12,000.

This breach poses significant risks to the company's reputation and operations, potentially impacting the trust and confidence of their customers and business partners. The attack highlights the vulnerabilities that small to medium-sized enterprises face in the ever-evolving landscape of cyber threats.

About Meow Ransomware Group

Meow Ransomware is a ransomware group that emerged in late 2022, associated with the Conti v2 ransomware variant. They have been active in targeting victims, primarily in the United States, but have also attacked entities in other countries. The group employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising.

Once a system is compromised, Meow Ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. They leave behind a ransom note named "readme.txt" that instructs victims to contact the group via email or Telegram to negotiate the ransom payment. The group is known for targeting industries with sensitive data, such as healthcare and medical research, and has been identified as the "Anti-Russian Extortion Group" due to their targeting of entities in response to the Russia-Ukraine war.

Potential Vulnerabilities

Artesanía Chopo's extensive online presence and reliance on digital platforms for both retail and educational purposes may have made them an attractive target for the Meow ransomware group. The company's modest size and limited resources could also contribute to potential vulnerabilities in their cybersecurity defenses, making it easier for threat actors to penetrate their systems.
