Ransomware Attack Hits Miami Gardens: Meow Group Strikes Again

Incident Date: Jul 26, 2024

Attack Overview
VICTIM
Miami Gardens Florida
INDUSTRY
Government
LOCATION
USA
ATTACKER
Meow
FIRST REPORTED
July 26, 2024

Ransomware Attack on Miami Gardens, Florida by Meow Ransomware Group

Overview of the Attack

The City of Miami Gardens, Florida, has recently fallen victim to a ransomware attack orchestrated by the notorious Meow ransomware group. Discovered on July 24, 2024, the attack targeted the municipal website miamigardens-fl.gov. The extent of the data leak remains unknown, leaving the potential exposure of sensitive information uncertain.

About Miami Gardens

Incorporated in 2003, Miami Gardens is the third largest city in Miami-Dade County. The city operates under a Mayor-Council-Manager form of government and provides a diverse range of services aimed at enhancing the quality of life for its residents. Key departments include Building Services, Code Enforcement and Business Licensing, Community Services, Finance, Parks & Recreation, Public Works, and Planning & Zoning. The city is known for its community engagement initiatives and strategic development plans, such as the construction of the Miami Gardens City Center.

Vulnerabilities and Targeting

Municipal entities like Miami Gardens are often targeted by ransomware groups due to the sensitive nature of the data they handle and the critical services they provide. The city's extensive use of digital platforms for managing permits, licenses, and community services makes it a lucrative target for cybercriminals. The attack on Miami Gardens highlights the vulnerabilities in public sector cybersecurity, particularly in smaller municipalities that may lack robust defenses.

About Meow Ransomware Group

Meow Ransomware emerged in late 2022 and has been particularly active in 2024. The group is associated with the Conti v2 ransomware variant and primarily targets organizations in the United States. Meow Ransomware employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms.

Distinguishing Features of Meow Ransomware

Meow Ransomware is known for its aggressive tactics and high-profile targets. The group maintains a data leak site where they list victims who have not paid the ransom. They frequently target industries with sensitive data, such as healthcare and municipal services. The ransomware leaves behind a ransom note named "readme.txt," instructing victims to contact the group via email or Telegram to negotiate the ransom payment.

Potential Penetration Methods

While the exact method of penetration in the Miami Gardens attack is not yet confirmed, Meow Ransomware typically exploits vulnerabilities in RDP, uses phishing emails, and deploys exploit kits. These methods allow the group to gain unauthorized access to systems and deploy their ransomware payload, leading to the encryption of critical files and services.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.