MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fd2946996ee1f89ef752e6e4d22bab8920878da4dedf9c76c5
Databases: 32, row count: 139430, size: 7.8 MB Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 40 records Found table mysql.help_keyword with 798 records Found table mysql.help_relation with 696 records Found table mysql.help_topic with 602 records Found table mysql.innodb_index_stats with 10 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 2074 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1600 records Found table mysql.time_zone_transition with 124366 records Found table mysql.time_zone_transition_type with 9166 records Found table mysql.user with 8 records
Severity: high
Fingerprint: cf350410ecceb5fdebd6b760d92c9051d92c9051d92c9051d92c9051d92c9051
Databases: 1, row count: 2, size: 16.4 kB Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa3b588febc521de95ebd502b4d21aed14d21aed14
NoAuth Found topic recordMessage Found topic topic.test Found topic hello_human Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0231df24005e5fff369f7f6775e3cfa875e3cfa8
NoAuth Found topic topic.test Found topic hello_human Found topic __consumer_offsets Found topic recordMessage
Fingerprint: 43224224eeda9da960defeaa0efe442a6696a86b896953153d439c343d439c34
NoAuth Found topic __consumer_offsets Found topic recordMessage Found topic topic.test Found topic hello_human
Fingerprint: 43224224eeda9da960defeaac88332710b2d6db13214e0ce8652009086520090
NoAuth Found topic hello_human Found topic __consumer_offsets Found topic recordMessage Found topic topic.test
Fingerprint: 43224224eeda9da960defeaa0231df24049f4dc1b28782c1b28782c1b28782c1
NoAuth Found topic topic.test Found topic recordMessage Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0efe442a2be458a4c8e6c241c8e6c241c8e6c241
NoAuth Found topic __consumer_offsets Found topic topic.test Found topic recordMessage
Fingerprint: 43224224eeda9da960defeaa3b588feb46ce63335673e5ad5673e5ad5673e5ad
NoAuth Found topic recordMessage Found topic __consumer_offsets Found topic topic.test
Open service 39.100.138.107:3307
2024-09-15 20:28
MySQL detected
Open service 39.100.138.107:3307
2024-09-13 20:37
MySQL detected
Open service 39.100.138.107:3307
2024-09-07 20:24
MySQL detected
Open service 39.100.138.107:3307
2024-08-17 22:58
MySQL detected
Open service 39.100.138.107:3307
2024-08-15 22:43
MySQL detected
Open service 39.100.138.107:3307
2024-08-13 22:24
MySQL detected
Open service 39.100.138.107:3307
2024-08-11 21:11
MySQL detected