Hackers to the rescue! UFO VPN user log database leaks online for a second time

Stealing password from code

Just a week ago, we covered the news that user log files from the VPN service UFO VPN had been exposed. A database of user data appeared online despite the company's claims of having a "strict no-logs policy".

But while security experts took steps to lock down the data and restrict access to it by the middle of this month, earlier this week it transpired that a second, newer UFO VPN database had appeared online, containing even more data. This time, however, hackers came to the rescue with a coordinated "Meow" attack.

The attack -- which has resulted in the permanent destruction of over 1,000 unsecured databases, including the newly leaked UFO VPN data -- is so called because just the word "Meow" is left behind after it has been executed. Users of the VPN service should be thankful that hackers have helped out by deleting data rather than using it for malicious purposes. Included in the databases were plaintext passwords, IP addresses and other valuable information.

In an email to HackRead, Bob Diachenko, head of research at security firm Comparitech, said that it "seems like they have mismanaged to migrate the database on another server/IP and the same configuration issue happened thus exposing not only previously seen data but also newest ones, access logs dated Jul 20 (the day of the reappearing). Meaning that all others VPN databases got exposed".

He also tweeted about the latest twist in the tale:

The Meow attacks are still going on today, wiping out data from unsecured databases found online.

While many exposed databases have now been destroyed, it is still advisable for UFO VPN users to change passwords if they have not done so already.

Image credit: Maddas / Shutterstock

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.