Hundreds of unsecured databases exposed on the public web are the target of an automated 'meow' attack that destroys data without any explanation.
The activity started recently by hitting Elasticsearch and MongoDB instances without leaving any explanation, or even a ransom note. Attacks then expanded to other database types and to file systems open on the web.
A quick search by BleepingComputer on the IoT search engine Shodan initially found dozens of databases that have been affected by this attack. Recently, the number of wiped databases increased to over 1,800.
These attacks have pushed researchers into a race to find the exposed databases and report them responsibly before they become 'meowed.'
Cat's out of the bag
One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.
Discovered by researcher Bob Diachenko, the database was initially secured in July only to become exposed again five days later.
The second time, though, the owner no longer received a well-intended notification. Instead, they got ‘meowed,’ with almost all records getting wiped.
Read full article on https://www.bleepingcomputer.com/news/security/new-meow-attack-has-deleted-almost-4-000-unsecured-databases/
#ransomware #datastorage #security #yokdata