Hundreds of unsecured databases exposed on the public web are the target of an automated ‘meow’ attack that destroys data without any explanation.
The activity started recently by hitting Elasticsearch and MongoDB instances without leaving any explanation, or even a ransom note. Attacks then expanded to other database types and to file systems open on the web.
A quick search by BleepingComputer on the IoT search engine Shodan initially found dozens of databases that have been affected by this attack. Recently, the number of wiped databases increased to over 1,800.
Source: Bleeping Computer
First off all overwriting exposed databases is better than selling that data to scammers and spammers. Second destroying data which may harm those whose data has been (maybe illegally) collected (or at least without their knowledge or consent) is also a good thing. But what about destroying data in order to hide evidence? I’m not sure what to think about these meow attacks.
However putting unsecured databases into the web is always bad practice. Don’t do that. Never. If you need data to be publicly available properly secure the database and create an API to securely access and/or manage that data. It’s not that hard.