Shoddily-set-up Elastisearch hosting point-of-sale malware

www.theregister.co.uk | 9/13/2017 | Staff
jster97 (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2017/09/14/worst_case_scenario_shutterstock.jpg?x=1200&y=794

Lazily-configured software has again created a security incident, this time resulting in 4,000 instances of open source analytics and search tool Elasticsearch inadvertently running PoS-stealing malware.

Kromtech's Bob Diachenko writes those servers are just 27 per cent of a total of 15,000 ill-secured Elasticsearch nodes the company found, and 99 per cent of the infected servers are hosted at AWS.

One - People - Parts - Elasticsearch - Configuration

This one's caused by people clicking through the hard parts of Elasticsearch configuration, Kromtech explains, usually when taking up AWS' offer of a free AWS T2 micro instance as part of its Elastic Compute Cloud offering. That offer is limited to Elastisearch versions 1.5.2 or 2.3.2, and and Diachenko says “people skip all security configuration during the quick installation process. This is...
(Excerpt) Read more at: www.theregister.co.uk
22 other people are viewing this story
Wake Up To Breaking News!
Sign In or Register to comment.