‘Meow’ Attack Has Now Wiped Nearly 4,000 Databases

On Thursday long-time Slashdot reader PuceBaboon wrote: Ars Technica is reporting a new attack on unprotected databases which, to date, has deleted all content from over 1,000 ElasticSearch and MongoDB databases across the ‘net, leaving the calling-card “meow” in its place.

Most people are likely to find this a lot less amusing than a kitty video, so if you have a database instance on a cloud machine, now would be a good time to verify that it is password protected by something other than the default, install password…


From the article:
The attack first came to the attention of researcher Bob Diachenko on Tuesday, when he discovered a database that stored user details of the UFO VPN had been destroyed. UFO VPN had already been in the news that day because the world-readable database exposed a wealth of sensitive user information… Besides amounting to a serious privacy breach, the database was at odds with the Hong Kong-based UFO’s promise to keep no logs. The VPN provider responded by moving the database to a different location but once again failed to secure it properly. Shortly after, the Meow attack wiped it out.
“Attacks have continued and are getting closer to 4,000,” reports Bleeping Computer. “A new search on Saturday using Shodan shows that more than 3,800 databases have entry names matching a ‘meow’ attack. More than 97% of them are Elastic and MongoDB.”