ElasticSearch is just a portable, high-grade internet search engine which companies install to improve their web programs’ data indexing and search capabilities. Such servers are usually installed on internal systems and are not meant to be left exposed online, as they usually handle that a organization’s most sensitive data.
Last week, Paine came across one ElasticSearch case that’d been abandoned unsecured on the web free of authentication to secure its sensitive content. From zimbabwe soccer , it had been clear to Paine that the server comprised data via an on the web gambling portal.
Despite being one host, the ElasticSearch example managed a huge swathe of advice that has been aggregated from multiple web domains, almost certainly from some kind of affiliate scheme, or a larger company operating multiple gaming portals.
After an analysis of the URLs spotted in the host’s statistics, Paine and ZDNet concluded that most domains were running online casinos where users can set bets on classic cards and slot games, but also other non-standard gaming matches.
A few of the domains that Paine seen from the leaky server included kahunacasino.com, azur-casino.
After some digging around, a few of the domains were possessed by exactly the exact same firm, but the others were possessed by companies located in exactly the exact same building at an address in Limassol, Cyprus, or were operating under exactly the exact same eGaming license number issued by the government of Curacao –just a little island in the Caribbean — suggesting that these were likely operated by the exact same entity.
An individual data which leaked using this ordinary ElasticSearch server comprised lots of sensitive details, such as real names, home addresses, phone numbers, email addresses, birthdates, site usernames, account balances, IP addresses, browser and OS information, last log in information, and a list of played matches.