The ‘Meow’ is one of the first publicly known cyberattacks to steal and wipe out insecure data. This attack was first discovered by researcher Bob Diachenko, a Cyber Threat Intelligence expert based in Germany. He found that the number of data that was stored user details of the UFO VPN had been destroyed which includes user information such as account passwords in plain text, VPN session secrets, and tokens, Geo-tags, Device, and OS characteristics and connections timestamps.
The number of databases was wiped and reported that the Meow attack has impacted mostly Elasticsearch databases (1,395), MongoDB (383), and Redis (54). How did this cyberattack get named Meow? No ransomware note or any other explanation was left after the data was destroyed by the hacker. The only thing left behind the attack is the word “Meow”.
With LIFARS on retainer a cybersecurity incident or a data breach will be handled with the highest priority under strict SLAs. Have your own Computer Security Incident Response Team on call and ready for deployment as your private 911 cyber-emergency.
The investigation is still going on the hacker behind the Meow attack and also to find the main motive besides stealing and destroying the data. Many people have fallen for this cyberattack, and it was reported after discovering by using the Shodan Internet of Things(IoT) search engine which helps users to find specific types of devices or computers connected to the internet. However, the motive of the cyber attacker is to give a hard lesson in security and for fun.
How is the attacker destroying all these data? According to the head of research security, the hacker seems to scan the Internet for insecure open source databases that expose information by running seminal searches. Then, the attackers execute scripts that delete the data and it is reported that if it is not stopped then the number of affected databases is expected to double the next day.
How to protect open-source databases? Therefore to prevent databases from the attack, the triangular concept for Database Security (CIA) must practice for database security. Using the best security guidelines and making sure the databases are secure from every layer.