Cyber attacks on databases for reminder
Deepak Kumar
Propelling AI To Reinvent The Future ||Author|| 150+ Mentorship|| Leader || Innovator || Machine learning Specialist || Distributed architecture | IoT | Cloud Computing
Why to read this?
There are attacks which act as a Reminder for Organisations to Identify and Secure their Databases.
If you like to know about them, then this document helps
Meow attack
It’s not the first time attackers have targeted unsecured databases, which have become increasingly common with the growing use of cloud computing services from Amazon, Microsoft, and other providers. In some cases, the motivation is to make money through ransomware rackets. In other cases—including the current Meow attacks—the data is simply wiped out with no ransomware note or any other explanation. The only thing left behind in the current attacks is the word “meow.”
Real example
Below example shows attack to a mongodb server. Here attacker system has injected many databases. Look at -meow suffix in the database name.
Reference
Thanks to these helping hands
https://www.forbes.com/sites/daveywinder/2020/07/22/not-all-internet-cats-are-cute-meow-bot-is-a-database-destroyer/#408f04f030e2 https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/ https://images.app.goo.gl/G9pJ6jfWw6p9QzoQ6 https://blog.qualys.com/product-tech/2020/08/26/meow-attack-a-reminder-for-organizations-to-identify-and-secure-their-databases