Hackers targeted the unsecured Elasticsearch and MangoDB databases which erased all data. The damage done was without any demands. These are named as Meow Attacks as they lest a telltale meow type signature.

Screenshot of the File Attacked
Image Source – Twitter

Security researcher Bob Diachenko was linked in a tweet that was shared by Anthr@X that shows the screenshot of the log file which was attacked.

Meow Hacking Attack

The main target of hackers is the unsecured installation of Elasticsearch and MongoDB which means installation which is not protected by a firewall and is exposed to the public or one without SSL encrypted communications are likely to get attacked. This attack came into the notice of security research Bob Chiachenko on July 20, 2020.

Recommendation – Twitter Updated On Account Hacking Says Private Messages Were Accessed By Hackers

He also shared the latest victim of this attack in one of his tweets. The victim is an African Online Payment Service.

Automatic Hacking Attacks

Usually, a bot script is used for attacking the weak points such as unsecured ports and vulnerable files. For instance, a thief is walking in a street checking the doors of unlocked vehicles. The same is this meow attack.

Currently, it is attacking Elasticsearch the most followed by MongoDB.

Protective Measure to be Taken

Elasticsearch can be protected by security plugins.


It might be reasonable for distributors running Elasticsearch or MongoDB to consider auditing their establishments to discover they are secure and not presented to the open Internet.

Leave a Reply



That answer every ifs and buts of digital marketing

Stay ahead with deeper understanding of the trends and up-to-date marketing tactics; all tried & tested in the ever-growing digital space.

Looking to
Achieve your Goals?

Let us help you
get there!

We're a digital agency focused on
creative and results-driven solutions.

Start With
Submit Form Below