The attackers and their motivations remain unknown; however, the incidents yet again highlight the risks of careless data security
Thousands of unsecured internet-facing databases have been on the receiving end of automated ‘Meow’ attacks that which involve destroying the data without leaving as much as an explanatory note.
A search on Shodan shows that as the Meow attacks have escalated in recent days, with almost 4,000 databases now wiped. While more than 97% of the attacks hit Elasticsearch and MongoDB instances, systems running Cassandra, CouchDB, Redis, Hadoop, Jenkins, and Apache ZooKeeper have been targeted as well, wrote BleepingComputer.
The onslaughts owe their moniker to the fact that the data is overwritten with random characters that include the word ‘meow’. Both the perpetrators and their reasons for the scorched-earth tactics remain unknown.
Meanwhile, a security researcher wrote on Twitter that the attacks have been carried out using ProtonVPN IP addresses.
The #meow attack is going thru @protonvpn, not sure how many origin IPs there are. From the logs in MongoDB you can see it drops databases first then create new ones with $randomstring-meow @MayhemDayOne @BleepinComputer #infosec pic.twitter.com/49dnVOGyq7
