U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Dozens of unsecured databases wiped by mysterious Meow attack

Dozens of unsecured databases exposed online web wiped by threat actors as part of a campaign tracked as Meow attack. Experts observed dozens of unsecured Elasticsearch and MongoDB instances exposed online that were inexplicably wiped by threat actors as part of a campaign tracked as Meow attack. The Meow attack began recently and attackers did […]

French hospital

Dozens of unsecured databases exposed online web wiped by threat actors as part of a campaign tracked as Meow attack.

Experts observed dozens of unsecured Elasticsearch and MongoDB instances exposed online that were inexplicably wiped by threat actors as part of a campaign tracked as Meow attack.

The Meow attack began recently and attackers did not leave any ransom note or disclaimer after the hack of the install.

Immediately after the first attacks, security experts started searching for vulnerable databases exposed online.

One of the recent Meow attacks targeted the Hong Kong-based VPN provider UFO VPN, hackers targeted its Elasticsearch database. Recently vpnMentor experts reported that seven Virtual Private Network (VPN) left 1.2 terabytes of private user data exposed to online.

Security researcher Bob Diachenko reported that the database was first secured in July, but unfortunately, it was exposed a few days later when it was hit by a Meow attack.

As result of the attack all the records were wiped and no message was left on the server.

“After the exposed data had been secured, it resurfaced a second time on July 20 at a different IP address. This dataset, which we believe was exposed a second time by UFO VPN, was even bigger and contains records as recent as July 19.” reported Diachenko. “July 20, 2020: The second exposed dataset was attacked, and almost all of the records destroyed by a “Meow” bot attack. Only newly added records remained.”

Experts believe that the threat actors are using a botnet to automate the attack, but it is still unclear which is their motivation.

“Diachenko told BleepingComputer that there are not many details about the attacker or the purpose of their actions. He says that the attack appears to be an automated script that “overwrites or destroys the data completely.”” reported BleepingComputer.

To avoid being victims of the meow attack, administrators should secure their system and avoid exposing them as result of misconfigurations.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, meow attack)

[adrotate banner=”5″]

[adrotate banner=”13″]