Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: ITWiser Webmaster
Elastisearch hosting malware!
Once again an incident has occurred because software has been configured incorrectly. The result of this has ended in a malware infection. It’s been reported that 4,000 instances of search tools and open source analytics indicate that Elasticsearch are inadvertently running the PoS-stealing malware. Bob Diachenko from Kromtech has been looking into this case, and he has said that those servers are just 27 percent of the 15,000 unsecured devices found at the company, 99 percent of the infected devices are hosted by AWS.
This issue could have been avoided, it was down to people skipping through all the security configuration. This was a simple mistake that has now caused a massive issue and exposed large amounts of sensitive data. All the infected servers then became part of a larger PoS botnet, which was then targeting PoS clients and RAM and infected windows machines to steal credit card information.
ITWiser offer a wide range of services and solutions that can help prevent issues like this from affecting you and your business. We offer internal security audits and external security audits, these audits are designed to highlight issues inside and outside your network. For more information on these or on any of our other services please get in touch today.