Meow Ransomware Strikes NOBI AS: Major Operational Disruption
Incident Date:
August 31, 2024
Overview
Title
Meow Ransomware Strikes NOBI AS: Major Operational Disruption
Victim
NOBI AS
Attacker
Meow
Location
First Reported
August 31, 2024
Ransomware Attack on NOBI AS by Meow Ransomware Group
NOBI AS, a Norwegian company specializing in the manufacturing sector, has recently fallen victim to a ransomware attack orchestrated by the notorious Meow Ransomware group. The attack has significantly impacted the company's operations, compromising sensitive data and disrupting business activities.
About NOBI AS
Established in 1983, NOBI AS operates out of Voss, Hordaland, Norway, and is involved in various industries, including aerospace, agriculture, construction, and mining machinery. The company also produces alumina, aluminum, and non-metallic mineral products. With a workforce of 201-500 employees, NOBI AS is classified as a medium-sized enterprise. The company is known for its diverse range of concrete solutions for construction applications, including water and wastewater systems, building materials, and transportation-related items.
Attack Overview
The ransomware attack on NOBI AS was claimed by the Meow Ransomware group via their dark web leak site. The cybercriminals have encrypted the company's data, leaving NOBI AS to assess the extent of the damage and explore potential recovery options. The attack underscores the growing threat of ransomware and highlights the importance of enhanced cybersecurity measures.
About Meow Ransomware Group
Meow Ransomware emerged in late 2022 and is associated with the Conti v2 ransomware variant. The group employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. Meow Ransomware is known for targeting industries with sensitive data, such as healthcare and medical research, and has been active primarily in the United States.
Penetration and Impact
The exact method used by Meow Ransomware to penetrate NOBI AS's systems remains unclear. However, common tactics include exploiting vulnerabilities in RDP, phishing attacks, and malvertising. The attack has left NOBI AS grappling with operational disruptions and potential data breaches, emphasizing the need for enhanced cybersecurity protocols.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.