{"id":1898,"date":"2020-04-03T20:08:18","date_gmt":"2020-04-03T18:08:18","guid":{"rendered":"https:\/\/fr.koddos.net\/blog\/?p=1898"},"modified":"2020-04-03T20:08:21","modified_gmt":"2020-04-03T18:08:21","slug":"15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker","status":"publish","type":"post","link":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/","title":{"rendered":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER"},"content":{"rendered":"\n<p>Des\nrapports ont r\u00e9v\u00e9l\u00e9 qu&rsquo;un hacker a exploit\u00e9 les serveurs Elasticsearch au cours\ndes deux derni\u00e8res semaines. Alors que le hacker essayait de s&rsquo;introduire dans\nle syst\u00e8me, il a \u00e9galement fait porter le chapeau \u00e0 l&rsquo;entreprise de s\u00e9curit\u00e9\nNight Lion pour cette attaque.<\/p>\n\n\n\n<p><strong><a href=\"https:\/\/twitter.com\/Shadow0pz\">John Wethington<\/a><\/strong>, un\nchercheur en s\u00e9curit\u00e9 britannique, a d\u00e9couvert les activit\u00e9s du hacker et l&rsquo;a\nimm\u00e9diatement signal\u00e9. Selon lui, la premi\u00e8re vague d&rsquo;attaque sur Elasticsearch\na commenc\u00e9 le 24 mars.<\/p>\n\n\n\n<p>Selon\nle chercheur, l&rsquo;attaque semble avoir \u00e9t\u00e9 perp\u00e9tr\u00e9e \u00e0 l&rsquo;aide d&rsquo;un script\nautomatis\u00e9 qui scanne Internet \u00e0 la recherche de syst\u00e8mes ElasticSearch non\ns\u00e9curis\u00e9s. Une fois que le hacker trouve ces syst\u00e8mes non prot\u00e9g\u00e9s, il essaie\nde se connecter \u00e0 la base de donn\u00e9es et tente de supprimer leur contenu. Apr\u00e8s\navoir supprim\u00e9 le contenu sur le serveur pirat\u00e9, il installe un nouvel index\nconnu sous le nom de nightlionsecurity.com.<\/p>\n\n\n\n<p><strong>La\nm\u00e9thode d&rsquo;attaque n&rsquo;est pas toujours efficace<\/strong><\/p>\n\n\n\n<p>Wethington\na r\u00e9v\u00e9l\u00e9 que bien que l&rsquo;attaquant ait r\u00e9ussi dans certains cas, le script\nd&rsquo;attaque ne fonctionne pas \u00e0 chaque fois. <\/p>\n\n\n\n<p>N\u00e9anmoins,\nle sch\u00e9ma de nettoyage est \u00e9vident sur de nombreux serveurs Elasticsearch. En\nraison de la grande instabilit\u00e9 des donn\u00e9es stock\u00e9es dans les serveurs, il est\ndifficile de dire exactement le nombre de syst\u00e8mes que le hacker a pu pirater. <\/p>\n\n\n\n<p>Le\nfondateur de la soci\u00e9t\u00e9 de s\u00e9curit\u00e9 Night Lion, Vinny Troia, a d\u00e9clar\u00e9 que la\nsoci\u00e9t\u00e9 n&rsquo;avait rien \u00e0 voir avec l&rsquo;<strong><a href=\"https:\/\/koddos.net\/blog\/hacking-group-says-its-behind-the-hacked-twitter-accounts-of-15-nfl-team\/\">activit\u00e9\nde piratage<\/a><\/strong> sur les serveurs d&rsquo;ElasticSearch. Il a soulign\u00e9 que\nle v\u00e9ritable auteur du d\u00e9lit essayait seulement d&rsquo;entra\u00eener la soci\u00e9t\u00e9, en\ndisant qu&rsquo;elle n&rsquo;avait aucune id\u00e9e de l&rsquo;existence d&rsquo;un piratage sur le serveur\nElasticsearch.<\/p>\n\n\n\n<p>Troia\na \u00e9t\u00e9 interview\u00e9 par <strong><a href=\"https:\/\/www.databreaches.net\/someones-wiping-out-elastic-searches-and-leaving-a-security-firms-name\/\">DataBreaches.net\nla semaine derni\u00e8re<\/a><\/strong>. Au cours de l&rsquo;entretien, il a d\u00e9clar\u00e9 que\nle hacker pourrait avoir \u00e9t\u00e9 perp\u00e9tr\u00e9 par un hacker que la soci\u00e9t\u00e9 surveille\ndepuis quelques ann\u00e9es. Selon lui, le hacker a probablement d\u00e9cid\u00e9 de rejeter\nla faute sur lui parce qu&rsquo;il veut que la soci\u00e9t\u00e9 de s\u00e9curit\u00e9 le laisse\ntranquille. Troia a m\u00eame d\u00e9clar\u00e9 qu&rsquo;il est en train d&rsquo;\u00e9crire un livre, dont la\nplupart des contenus d\u00e9taillent les activit\u00e9s du hacker au cours des derni\u00e8res\nann\u00e9es.<\/p>\n\n\n\n<p>Au\nd\u00e9part, l&rsquo;attaque sur ElasticSearch le 26 mars ressemblait \u00e0 une ruse, elle est\nmaintenant consid\u00e9r\u00e9e comme tr\u00e8s s\u00e9rieuse car le hacker peut faire quelques\nd\u00e9g\u00e2ts. <\/p>\n\n\n\n<p>Les\nchercheurs en s\u00e9curit\u00e9 de BinaryEdge ont d\u00e9clar\u00e9 que le nombre d&rsquo;attaques a\naugment\u00e9 de mani\u00e8re exponentielle. Avant la premi\u00e8re interview, seuls environ\n150 serveurs Elasticsearch ont \u00e9t\u00e9 endommag\u00e9s. Cependant, les chiffres ont\naugment\u00e9 rapidement car le serveur o\u00f9 se trouve l&rsquo;index de\nnightlionsecurity.com est pass\u00e9 \u00e0 plus de 15 000. <\/p>\n\n\n\n<p>Si\nl&rsquo;on consid\u00e8re le nombre de serveurs Elasticsearch <strong><a href=\"https:\/\/koddos.net\/blog\/hackers-exposed-personal-details-of-10-6m-mgm-hotel-guests\/\">expos\u00e9s<\/a><\/strong>\nsur le serveur public, il est \u00e9vident que le serveur endommag\u00e9 est extr\u00eamement\nvolumineux. Selon BinaryEdge, il y avait environ 34 500 serveurs Elasticsearch\nexpos\u00e9s sur l&rsquo;internet public. L&rsquo;affaire est tr\u00e8s grave si 15 000 de ces\nserveurs sont pirat\u00e9s.<\/p>\n\n\n\n<p><strong>Les\nservices r\u00e9pressifs ont \u00e9t\u00e9 imm\u00e9diatement inform\u00e9s<\/strong><\/p>\n\n\n\n<p>Troia\na d\u00e9clar\u00e9 avoir imm\u00e9diatement contact\u00e9 l&rsquo;\u00e9quipe de s\u00e9curit\u00e9 d&rsquo;Elastic d\u00e8s qu&rsquo;il\na d\u00e9couvert la violation. Il a d\u00e9clar\u00e9 que la soci\u00e9t\u00e9 enqu\u00eatait actuellement\nsur le nombre de serveurs attaqu\u00e9s. <\/p>\n\n\n\n<p>Actuellement,\nWethington fait une liste de tous les serveurs touch\u00e9s par l&rsquo;attaque, et elle\nessaie de savoir quelles entreprises ont subi une panne.<\/p>\n\n\n\n<p><strong>Un\ndeuxi\u00e8me hacker a \u00e9t\u00e9 identifi\u00e9<\/strong><\/p>\n\n\n\n<p>Lorsque\nWethington s&rsquo;est pench\u00e9 sur le probl\u00e8me, il a d\u00e9couvert qu&rsquo;un autre hacker\n\u00e9tait impliqu\u00e9, et il s&rsquo;int\u00e9resse \u00e9galement aux serveurs Elasticsearch. Le\nsecond attaquant a <strong><a href=\"https:\/\/koddos.net\/blog\/russian-hackers-breached-fsb-contractor-stumble-upon-iot-botnet-plans\/\">viol\u00e9<\/a><\/strong>\nles serveurs non s\u00e9curis\u00e9s en envoyant un message aux victimes pour leur faire\nsavoir que leur serveur a \u00e9t\u00e9 attaqu\u00e9. Le message demande aux victimes de les\ncontacter par e-mail. <\/p>\n\n\n\n<p>Cependant,\ncette deuxi\u00e8me attaque est encore \u00e0 petite \u00e9chelle, car le hacker n&rsquo;a r\u00e9ussi \u00e0\nattaquer que 40 serveurs.<\/p>\n\n\n\n<p><strong>Des\nattaques similaires se sont produites dans le pass\u00e9.<\/strong>\n\nCe\nn&rsquo;est pas la premi\u00e8re fois qu&rsquo;Elasrticsearch ou d&rsquo;autres serveurs sont\nattaqu\u00e9s. En 2017, plusieurs groupes de hackers sp\u00e9cialis\u00e9s dans les attaques\npar ran\u00e7ongiciel de bases de donn\u00e9es ont utilis\u00e9 plusieurs technologies de\nbases de donn\u00e9es, dont Elasticsearch. En cons\u00e9quence, plusieurs milliers de <strong><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/mongodb-hijackers-move-on-to-elasticsearch-servers\/\">donn\u00e9es\nElasticsearch<\/a><\/strong> ont \u00e9t\u00e9 supprim\u00e9es pendant cette p\u00e9riode, avec des\nmessages et des ran\u00e7ons demandant aux propri\u00e9taires de payer pour r\u00e9cup\u00e9rer\nleurs donn\u00e9es. Mais les victimes ne savaient pas que les donn\u00e9es avaient \u00e9t\u00e9\nsupprim\u00e9es et non vol\u00e9es.\n\n\n\n<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Des rapports ont r\u00e9v\u00e9l\u00e9 qu&rsquo;un hacker a exploit\u00e9 les serveurs Elasticsearch au cours des deux derni\u00e8res semaines. Alors que le hacker essayait de s&rsquo;introduire dans le syst\u00e8me, il a \u00e9galement fait porter le chapeau \u00e0 l&rsquo;entreprise de s\u00e9curit\u00e9 Night Lion pour cette attaque. John Wethington, un chercheur en s\u00e9curit\u00e9 britannique, a d\u00e9couvert les activit\u00e9s du &hellip; <a href=\"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER<\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":1899,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6],"tags":[],"class_list":["post-1898","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS\" \/>\n<meta property=\"og:description\" content=\"Des rapports ont r\u00e9v\u00e9l\u00e9 qu&rsquo;un hacker a exploit\u00e9 les serveurs Elasticsearch au cours des deux derni\u00e8res semaines. Alors que le hacker essayait de s&rsquo;introduire dans le syst\u00e8me, il a \u00e9galement fait porter le chapeau \u00e0 l&rsquo;entreprise de s\u00e9curit\u00e9 Night Lion pour cette attaque. John Wethington, un chercheur en s\u00e9curit\u00e9 britannique, a d\u00e9couvert les activit\u00e9s du &hellip; Continue reading 15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog KoDDoS\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/koddosCom\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-03T18:08:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-04-03T18:08:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i2.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"825\" \/>\n\t<meta property=\"og:image:height\" content=\"510\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"KoDDoS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@koddoscom\" \/>\n<meta name=\"twitter:site\" content=\"@koddoscom\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"KoDDoS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/\"},\"author\":{\"name\":\"KoDDoS\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/person\\\/d22f7fb31dc4d117c9eb5c9cfe533f85\"},\"headline\":\"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER\",\"datePublished\":\"2020-04-03T18:08:18+00:00\",\"dateModified\":\"2020-04-03T18:08:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/\"},\"wordCount\":851,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1\",\"articleSection\":[\"Actualit\u00e9s\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/\",\"name\":\"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1\",\"datePublished\":\"2020-04-03T18:08:18+00:00\",\"dateModified\":\"2020-04-03T18:08:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1\",\"width\":825,\"height\":510},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\",\"name\":\"Blog KoDDoS\",\"description\":\"Blog KoDDoS est un blog d\u2019information et d\u2019actualit\u00e9 focalis\u00e9 sur le hacking, la cyber criminalit\u00e9, la vie priv\u00e9e et la surveillance.\",\"publisher\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\",\"name\":\"KoDDoS\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i1.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/logo.png?fit=258%2C55&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i1.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/logo.png?fit=258%2C55&ssl=1\",\"width\":258,\"height\":55,\"caption\":\"KoDDoS\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/koddosCom\",\"https:\\\/\\\/x.com\\\/koddoscom\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/person\\\/d22f7fb31dc4d117c9eb5c9cfe533f85\",\"name\":\"KoDDoS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"caption\":\"KoDDoS\"},\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/author\\\/oiyndjepop\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/","og_locale":"fr_FR","og_type":"article","og_title":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS","og_description":"Des rapports ont r\u00e9v\u00e9l\u00e9 qu&rsquo;un hacker a exploit\u00e9 les serveurs Elasticsearch au cours des deux derni\u00e8res semaines. Alors que le hacker essayait de s&rsquo;introduire dans le syst\u00e8me, il a \u00e9galement fait porter le chapeau \u00e0 l&rsquo;entreprise de s\u00e9curit\u00e9 Night Lion pour cette attaque. John Wethington, un chercheur en s\u00e9curit\u00e9 britannique, a d\u00e9couvert les activit\u00e9s du &hellip; Continue reading 15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER","og_url":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/","og_site_name":"Blog KoDDoS","article_publisher":"https:\/\/www.facebook.com\/koddosCom","article_published_time":"2020-04-03T18:08:18+00:00","article_modified_time":"2020-04-03T18:08:21+00:00","og_image":[{"width":825,"height":510,"url":"https:\/\/i2.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","type":"image\/jpeg"}],"author":"KoDDoS","twitter_card":"summary_large_image","twitter_creator":"@koddoscom","twitter_site":"@koddoscom","twitter_misc":{"\u00c9crit par":"KoDDoS","Dur\u00e9e de lecture estim\u00e9e":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#article","isPartOf":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/"},"author":{"name":"KoDDoS","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/person\/d22f7fb31dc4d117c9eb5c9cfe533f85"},"headline":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER","datePublished":"2020-04-03T18:08:18+00:00","dateModified":"2020-04-03T18:08:21+00:00","mainEntityOfPage":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/"},"wordCount":851,"commentCount":0,"publisher":{"@id":"https:\/\/fr.koddos.net\/blog\/#organization"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","articleSection":["Actualit\u00e9s"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/","url":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/","name":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER - Blog KoDDoS","isPartOf":{"@id":"https:\/\/fr.koddos.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#primaryimage"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","datePublished":"2020-04-03T18:08:18+00:00","dateModified":"2020-04-03T18:08:21+00:00","breadcrumb":{"@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#primaryimage","url":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","contentUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","width":825,"height":510},{"@type":"BreadcrumbList","@id":"https:\/\/fr.koddos.net\/blog\/15-000-serveurs-elasticsearch-elimines-et-endommages-par-un-hacker\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/fr.koddos.net\/blog\/"},{"@type":"ListItem","position":2,"name":"15 000 SERVEURS ELASTICSEARCH \u00c9LIMIN\u00c9S ET ENDOMMAG\u00c9S PAR UN HACKER"}]},{"@type":"WebSite","@id":"https:\/\/fr.koddos.net\/blog\/#website","url":"https:\/\/fr.koddos.net\/blog\/","name":"Blog KoDDoS","description":"Blog KoDDoS est un blog d\u2019information et d\u2019actualit\u00e9 focalis\u00e9 sur le hacking, la cyber criminalit\u00e9, la vie priv\u00e9e et la surveillance.","publisher":{"@id":"https:\/\/fr.koddos.net\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fr.koddos.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/fr.koddos.net\/blog\/#organization","name":"KoDDoS","url":"https:\/\/fr.koddos.net\/blog\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2018\/02\/logo.png?fit=258%2C55&ssl=1","contentUrl":"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2018\/02\/logo.png?fit=258%2C55&ssl=1","width":258,"height":55,"caption":"KoDDoS"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/koddosCom","https:\/\/x.com\/koddoscom"]},{"@type":"Person","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/person\/d22f7fb31dc4d117c9eb5c9cfe533f85","name":"KoDDoS","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","caption":"KoDDoS"},"url":"https:\/\/fr.koddos.net\/blog\/author\/oiyndjepop\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2020\/04\/Cobalt-Strike-Bug-Exposed-Thousands-of-Malware-CC-Servers.jpg?fit=825%2C510&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9DjzA-uC","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/1898","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/comments?post=1898"}],"version-history":[{"count":1,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/1898\/revisions"}],"predecessor-version":[{"id":1900,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/1898\/revisions\/1900"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/media\/1899"}],"wp:attachment":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/media?parent=1898"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/categories?post=1898"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/tags?post=1898"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}