One attacker devastates 15,000 servers6. April 2020
One attacker devastates 15,000 servers
An attacker recently scanned the Internet for unsecured Elasticsearch servers, broke into more than 15,000 servers and attempted to delete their content.
The attacker left the name of the US cyber security company Night Lion Security to blame them.
Night Lion Security told ZDNet that the company had nothing to do with the Elasticsearch violations. In a tweet, company boss Vinny Troia blamed the attacks on DarkOverlord as retaliation for his book “Hunting Cyber Criminals”.
The number of services violated by the attacker exceeded 15,000, according to a BinaryEdge search. British security researcher John Wethington has discovered another attacker who breaks into Elasticsearch servers and defaces them.