‘Meow’ Attack Has Now Wiped Nearly 4,000 Databases

On Thursday long-time Slashdot reader PuceBaboon wrote: Ars Technica is reporting a new attack on unprotected databases which, to date, has deleted all content from over 1,000 ElasticSearch and MongoDB databases across the ‘net, leaving the calling-card “meow” in its place. Most people are likely to find this a lot less amusing than a kitty video, so if you have a database instance on a cloud machine, now would be a good time to verify that it is password protected by something other than the default, install password…
From the article:
The attack first came to the attention of researcher Bob Diachenko on Tuesday, when he discovered a database that stored user details of the UFO VPN had been destroyed. UFO VPN had already been in the news that day because the world-readable database exposed a wealth of sensitive user information… Besides amounting to a serious privacy breach, the database was

Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/7rB2Vi0aG-k/meow-attack-has-now-wiped-nearly-4000-databases

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: