Greater than 1,000 unsecured databases to date have been completely deleted in an ongoing assault that leaves the phrase “meow” as its solely calling card, in accordance with Web searches over the previous day.
The assault first got here to the eye of researcher Bob Diachenko on Tuesday, when he found a database that saved person particulars of the UFO VPN had been destroyed. UFO VPN had already been within the information that day as a result of the world-readable database uncovered a wealth of delicate person data, together with:
- Account passwords in plain textual content
- VPN session secrets and techniques and tokens
- IP addresses of each person units and the VPN servers they related to
- Connection timestamps
- Machine and OS traits
- Obvious domains from which ads are injected into free customers’ Net browsers
Moreover amounting to a critical privateness breach, the database was at odds with the Hong Kong-based UFO’s promise to maintain no logs. The VPN supplier responded by shifting the database to a unique location however as soon as once more did not safe it correctly. Shortly after, the Meow assault wiped it out.
Learn 6 remaining paragraphs | Feedback