Meow Ransomware Hits Diamcad: 120GB Data Stolen in Cyber Attack
Incident Date:
August 28, 2024
Overview
Title
Meow Ransomware Hits Diamcad: 120GB Data Stolen in Cyber Attack
Victim
Diamcad
Attacker
Meow
Location
First Reported
August 28, 2024
Meow Ransomware Group Targets Diamcad in Major Cyber Attack
Diamcad, a prominent diamond company based in Antwerp, Belgium, has fallen victim to a ransomware attack orchestrated by the Meow ransomware group. The attackers claim to have exfiltrated over 120 GB of sensitive data from Diamcad, a company renowned for its expertise in diamond assessment, cutting, and polishing.
About Diamcad
Diamcad operates in the manufacturing sector, specifically within the diamond industry. Established in 1989, the company has over three decades of experience and employs approximately 33 full-time equivalents (FTEs). Diamcad reported an annual turnover of €48,091,756 as of its most recent financial statements. The company is headquartered in Antwerp's diamond district, a strategic location that underscores its prominence in the global diamond market.
Diamcad specializes in the assessment, cutting, and polishing of high-value diamonds. Their operations are characterized by the use of advanced optimization algorithms and cutting-edge laser sawing techniques. This blend of traditional craftsmanship and modern technology has enabled Diamcad to work on some of the world's most famous diamonds, including the Lesedi la Rona and the Queen of Kalahari.
Attack Overview
The Meow ransomware group has claimed responsibility for the attack on Diamcad via their dark web leak site. The group alleges that they have exfiltrated over 120 GB of sensitive data from Diamcad's systems. To substantiate their claims, Meow has posted sample screenshots of the stolen data, increasing the pressure on Diamcad to respond to the breach.
About Meow Ransomware Group
Meow Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group resurfaced in late 2023 and has been highly active in 2024. Meow Ransomware primarily targets industries with sensitive data, such as healthcare and medical research. They employ various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising.
Once a system is compromised, Meow Ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. The group leaves behind a ransom note named "readme.txt," instructing victims to contact them via email or Telegram to negotiate the ransom payment. Security researchers have identified the threat actors behind Meow Ransomware as the "Anti-Russian Extortion Group," likely due to their targeting of entities in response to the Russia-Ukraine war.
Potential Vulnerabilities
Diamcad's reliance on advanced technology and digital systems for diamond assessment and processing may have made them a target for ransomware groups like Meow. The company's significant turnover and high-value assets further increase its attractiveness to cybercriminals. The attack highlights the importance of stringent cybersecurity measures, especially for companies operating in high-stakes industries like diamond manufacturing.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.