If you’re going to mess with an unscrupulous VPN provider keeping logs of its customers’ IP addresses, you might as well do it with some panache.
That appears to be the thinking of unknown vigilante hackers who, over the course of the past week, overwrote the contents of over 1,000 unsecured databases left online for anyone to read. One of those databases, reports Ars Technica, belonged to UFO VPN — a Hong Kong VPN that claimed to not log any user data, but instead was recording everything from users’ passwords to IP addresses and storing it all in an unsecured database exposed to the open web.
Bob Diachenko, a security researcher at the cybersecurity consulting company Security Discovery, spotted the attack earlier this week, and, in the process, noticed a very particular calling card left by the hackers.
“New Elasticsearch bot attack does not contain any ransom or threats, just ‘meow’ with a random set of numbers,” he explained on Twitter. “It is quite fast and search&destroy new clusters pretty effectively.”
Catch that? The hackers aren’t running ransomware, or attempting to extort corporations for the sin of improperly securing their customers’ data. Rather, much like the famed BrickerBot that searched and destroyed IoT devices with hard-coded passwords that could easily be made part of a botnet, the Meow hackers essentially destroy exposed data (presumably) before someone else can find it and steal it.
Then again, it’s unclear if the hackers are stealing it themselves before writing over it. Those databases become a lot more valuable if you’re the only one with a copy, after all.
Regardless of the Meow hackers’ motivation — whether it be vigilantism, pettiness, boredom, or profit — there’s the possibility that something good will come out of this ongoing mess. Maybe, just maybe, more companies going forward will take the minimal time and basic effort to protect the untold amounts of customer data they’ve gathered over the years.
Because, if not, like a cat unable to resist pawing a glass of water left on the edge of your desk, the Meow hackers very well might be forever primed for their moment to pounce.