Skip to main content

Unsecured databases targeted with new wipe attack

(Image credit: Image source: Shutterstock/lolloj)

Cybersecurity researchers are warning of a new wave of attacks against unsecured MongoDB databases, which don’t appear to be driven by any other agenda but to wreak havoc.

According to security expert Bob Diachenko and researchers from Bleeping Computer, cybercriminals are employing a new automated attack dubbed “meow”, which aims to overwrite and destroy data.

This is not the first time criminals have targeted open databases with the intent of destroying data, but what separates this attack from the others is that no data is stolen in the process.

The identity of the perpetrator remains unclear, along with the motivation for the hacking campaign. Researchers are even speculating that the hacker's intentions might be positive, with the attacks designed to remind businesses of the importance of protecting their data.

“For those affected by the attacks, it may be better to have your database wiped out than getting it stolen and offered to anyone on the Dark Web," said Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb. 

"It is, however, not unimaginable that before deleting a copy of database is made, and that the reason for deletion is to stop competitive cyber gangs from getting the same data. In web hacking campaigns, for example, rival gangs frequently patch vulnerable websites after taking control over them."

“To prevent such attacks organizations should maintain a comprehensive and update inventory of their assets, equipped with continuous security monitoring and patch management."

Meanwhile, in another recent attack against unsecured MongoDB databases, hackers threatened to release business data onto the internet and then report the relevant firm to data protection watchdogs.

Update:

A MongoDB spokesperson has since provided ITProPortal with the following statement:

"Our MongoDB Community database is a very popular product, with over 100M downloads worldwide. Unfortunately, not every installation follows best practices and as a result, some are improperly configured."

"When MongoDB was first made aware of these issues several years ago, we made product changes to secure the open source community product’s default settings. As a result, we’ve seen the number of open databases reported to significantly decline."

"The default MongoDB database setup today comes with secure defaults out of the box."