New ‘Meow’ attack has wiped dozens of unsecured databases

CyberTech

Dozens of unsecured databases exposed on the public web are the target of an automated 'meow' attack that destroys data without any explanation.

The activity started recently and hits Elasticsearch and MongoDB instances indiscriminately without leaving any explanation, or even a ransom note.

A quick search by BleepingComputer on the IoT search engine Shodan has found dozens of databases that have been affected by this attack.

These attacks have pushed researchers into a race to find the exposed databases and report them responsibly before they become 'meowed.'

Cat's out of the bag
The most recent publicly known example of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.

Discovered by researcher Bob Diachenko, the database was initially secured in July only to become exposed again five days later.

The second time, though, the owner no longer received a well-intended notification. Instead, they got ‘meowed,’ with almost all records getting wiped.
 

upnorth

It’s not the first time attackers have targeted unsecured databases, which have become increasingly common with the growing use of cloud computing services from Amazon, Microsoft, and other providers. In some cases, the motivation is to make money through ransomware rackets. In other cases—including the current Meow attacks—the data is simply wiped out with no ransomware note or any other explanation. The only thing left behind in the current attacks is the word “meow.”