“Meow” attacks delete nearly 4.000 unsecured databases. The attackers and their intentions are so far unknown, but they are again showing the risks of inadequate data security.
In the last few days thousands of unsecured databases have been attacked automatically and the stored data has been deleted. The attacks are known as "Meow" attacks, as the data is overwritten with the character string "Meow", among other things. Furthermore, no explanation is left for the data destruction.
As a search in Shodan shows, the "Meow" attacks have spread over the past few days. Almost 4.000 databases have now been deleted. More than 97% of the attacks target Elasticsearch and MongoDB databases, but other systems such as Cassandra, CouchDB, Redis, Hadoop, Jenkins and Apache ZooKeeper were also attacked. According to the findings of a security researcher on Twitter, the attacks were carried out via IP addresses by ProtonVPN. Proton then promised: "We will look into this and will block any use of ProtonVPN that violates our terms and conditions."
One of the first known Meow attacks targeted the Elasticsearch database of a VPN provider that had recently hit the headlines. The unsecured database discovered by security researcher Bob Diachenko apparently contained data from over 20 million users from 7 VPN services.
Find out more at ESET WeLiveSecurity.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.