BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

FCC Votes To Restore Net Neutrality: A Win For Consumers And Democracy
An Ex-DOD Hacker Raises $20 Million To Stop ChatGPT-Fueled Cyberattacks
Tech Firms Pledge To Eliminate AI-Generated CSAM
Taser Company Axon Is Selling AI That Turns Body Cam Audio Into Police Reports
European Commission Launches Another TikTok Probe
Election 2024: Championing Proactive Cybersecurity To Fortify National Security
Edit Story
ForbesInnovationCybersecurity
Editors' Pick

Beware Of This Internet Cat’s Meow—It Destroys Databases

Davey Winder
Senior Contributor
Opinions expressed by Forbes Contributors are their own.
Veteran cybersecurity and tech analyst, journalist, hacker, author
Following
This article is more than 3 years old.

From Grumpy Cat to Lil Bub, internet felines have become superstars, attracted huge followings and earned small fortunes. There's no denying that cat memes are an integral part of online culture, and generally put a smile on our collective faces. Unfortunately, not all online cats are harmless.

Take the Meow bot that has recently emerged, for example, wiping smiles as quickly it wipes exposed online databases.

MORE FROM FORBESNew Dark Web Audit Reveals 15 Billion Stolen Logins From 100,000 BreachesBy Davey Winder

What is the Meow bot?

Meow bot appears to exist purely to destroy those databases that leave themselves open and exposed online without any security access controls. So-called because the automated attack script overwrites database indexes with random numerical strings with "meow" appended.

This action, which appears to hit both exposed Elasticsearch and MongoDB instances, effectively wipes the data from the database.

Databases being "meowed" is a new threat that has only been spotted by researchers in recent days. However, by using a properly-constructed query with the Shodan Internet-of-Things (IoT) search engine, much beloved by security researchers, we can see that dozens of databases have already fallen victim to the unknown attacker.

One of the most recent, a VPN provider that was among seven reported to have left a database of logs exposed, was uncovered by Bob Diachenko, a cyber threat specialist at Security Discovery. "It is quite fast," Diachenko tweeted, and can search and destroy new clusters "pretty effectively."

MORE FOR YOU

‘Challengers’ Reviews: Does Zendaya Tennis Movie Score With Critics?

‘Baby Reindeer’ Star Says Real Martha Searches Need To Stop

Patriots Select North Carolina Quarterback Drake Maye With No 3 Pick In NFL Draft

MORE FROM FORBESHow Hackers Use An Ordinary Light Bulb To Spy On Conversations 80 Feet AwayBy Davey Winder

Who is behind the Meow attacks?

Although the motive behind the Meow bot attacks is not yet known, nor from where the attacks originate, it has been posited by Bleeping Computer that this could be the work of a vigilante "trying to give administrators a hard lesson in security."

Javvad Malik, a security awareness advocate at KnowBe4, agreed that the lack of any ransomware note or demand "suggests this could be the work of a grey-hat who has had enough of unsecured databases and taken drastic measures themselves."

There is little doubt that unsecured databases have been a considerable problem, exposing customer data to anyone who goes looking, with simple misconfiguration errors at the heart of the issue. "Despite efforts by cloud providers to help secure databases," Malik said, "organizations repeatedly leave them exposed publicly, either by accident or through staff lacking the required knowledge."

Follow me on Twitter or LinkedInCheck out my website or some of my other work here
Davey Winder
Davey Winder