Meow Ransomware Hits Texas Law Firm, 360GB Data Compromised
Incident Date:
July 26, 2024
Overview
Title
Meow Ransomware Hits Texas Law Firm, 360GB Data Compromised
Victim
Villarreal and Begum Law Firm
Attacker
Meow
Location
First Reported
July 26, 2024
Ransomware Attack on Villarreal & Begum Law Firm by Meow Group
Overview of Villarreal & Begum Law Firm
Villarreal & Begum Law Firm, also known as Law Guns, is a Texas-based legal practice specializing exclusively in personal injury law. The firm operates on a contingency fee basis, ensuring clients only pay if compensation is successfully recovered. With multiple offices across Texas, including San Antonio, Austin, McAllen, and Laredo, the firm is dedicated to assisting clients who have suffered injuries due to negligence. Their client-centered approach emphasizes responsiveness, compassion, and clear guidance throughout the legal process.
Details of the Ransomware Attack
The Meow ransomware group has claimed responsibility for a cyberattack on Villarreal & Begum Law Firm. The attackers reportedly exfiltrated 360 GB of sensitive data, including agreements, photos, client details such as IDs, locations, photos, and card information, as well as financial data, bank accounts, and HR records. The hackers are demanding a ransom of $6,000 to prevent the release of this compromised information. The firm has not disclosed any details about the attack.
About Meow Ransomware Group
Meow Ransomware emerged in late 2022 and resurfaced in 2024, using the Conti v2 ransomware variant. The group primarily targets organizations in the United States, focusing on industries with sensitive data, such as healthcare and legal services. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. The group maintains a data leak site where they list victims who have not paid the ransom.
Vulnerabilities and Penetration Methods
Villarreal & Begum Law Firm's focus on personal injury law means they handle a significant amount of sensitive client data, making them an attractive target for ransomware groups like Meow. The firm's extensive use of digital records and communication channels could have exposed them to vulnerabilities such as phishing attacks or RDP exploits. The ransomware group likely penetrated the firm's systems through one of these methods, leading to the encryption and exfiltration of critical data.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.