Some may already know it and others do not but today we come to talk about Meow which is well remembered for deleting thousands of databases connected to the Internet without protection from the companies Elasticsearch and MongoDB which did not ask for ransom or anything, they deleted the data for no apparent reason.
This attack suggests that the attacks were the work of an automated script that either rewrites the data stored in the databases or completely destroys said data. In addition, this expanded not only to these 2 but to several others such as Cassandra, CouchDB, Redis, Hadoop and Jenkins. Also to storage devices connected to the Network. These were carried out through the IP addresses of ProtonVPN, a virtual private network focused on privacy, in order to hide the origin of the attack.
Its purpose? Destroy the indexes of the affected bases by inserting random characters, followed by, A final ” meow ” message as if it were a joke in bad taste. That is why security is so important when surfing the net. These were violated because they were unprotected databases connected to the Internet and what this threat did was look for vulnerabilities that were then adding that they were not protected, a not very good combination for their security.
Check also:
Clop – A dangerous encryption ransomware
DoppelPaymer – Ransomware targeting industries
[…] topics:Meow threat not as friendly as its nameCharming Kitten, A cunning criminal […]