In recent days the Vanderbilt University Medical Centera hospital system based in the US state of Tennessee has been hit by ransomware Meow.
Following the attack, as confirmed by the institute, the database was compromised and all the information contained within it was stolen. Despite this, apparently, the operation did not affect the personal data Of patients e employees.
Despite this, according to some experts there are strong doubts regarding the group behind this attack: Meow, in fact, is a malevolent agent that acts to steal cryptocurrencies. The attack on a hospital system, therefore, is not in line with the habits of these cybercriminals.
What is certain is that American healthcare is now under attack and, having to deal with another ransomware like Meow, represents yet another danger for cybersecurity experts to monitor. Just a few days ago, for example, the news of the massive theft of patient data caused a sensation 9 million people involved, which has overwhelmed the US healthcare sector.
Meow Ransomware: despite the decryptor, it remains a real threat
The ransomware involved in this attack works by encrypting the victim’s files, adding the extension .MEOW to infected files. Once the malicious agent has encrypted the data, it uploads a file to the victim’s device readme.txtwhere the ransom note is shown.
Security experts, carefully examining the malicious code, have identified far from coincidental similarities with Conti. Apparently, therefore, Meow could easily be a derivative of the aforementioned ransomware.
Before the publication of a specific decryptor freeprovided by the experts at Kaspersky several months ago, Meow hit well 257 organizations. Despite the work of the experts, however, the group that manages the ransomware apparently remains active and dangerous.