meow
1 incidentes
1 paises
1 sectores
ransomware RU Ultimo: 2026-06-25
Aliases: MeowCorp, Meow2022, MeowLeaks
Meow initially emerged in July 2020 as a destructive threat actor focused on wiping publicly exposed and unsecured databases, often replacing their contents with the word 'meow' or random strings without demanding a ransom. This initial phase was characterized by data destruction for its own sake or to highlight vulnerabilities. The group evolved, and by late 2022, a variant under the 'Meow' name began operating as a ransomware group, leveraging leaked Conti v2 codebase to encrypt files and demand payment. Following a decryptor release in March 2023, this ransomware operation ceased. However, a distinct group or an evolution, often referred to as Meow Leaks or MeowCorp, resurfaced in late 2023 and 2024, shifting its primary model to data exfiltration and extortion, selling stolen data on dark web marketplaces rather than encrypting systems. This group targets a wide range of organizations globally, focusing on pressuring victims by threatening to leak sensitive information.
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
Paises afectados
United States (1)Paises objetivo (SOCRadar)
United Arab Emirates
Argentina
Austria
Australia
Belgium
Brazil
Canada
Switzerland
Chile
ChinaSectores atacados
Healthcare (1)
Sectores objetivo (SOCRadar)
Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersReal EstateHospitalsAccommodationManufacturingConstructionElectrical Equipment, Appliance, and Component Manufacturing