From Source, It started on 7 May and it took too long time May 22 to secure the database. Cyber experts discovered an exposed Elastic Search database when people were browsing BinaryEdge and Shodan. The database which leaked appeared to be under control by a Thailand-based mobile network operator which is mainly known as Advanced Info Service(AIS).
Finding deep news it comes that AIS is the Thailand largest GSM mobile Network which has almost “40.23 million customers” as of 2018. The database is maintained and controlled by the subsidiary Advanced Wireless Network(AWN). It has the combination of DNS query logs and NetFlow logs that appears to be an AWN customer. If someone got all this data then it is easy to create a user track of internet surfing. After this information comes then the Thailand national CERT Team (ThaiCERT) be in action and contact AIS and secure the database.
What is AWN?
According to the source, AWN is a provider of wired as well as wireless network service and telecommunication network provider. This company started in 2005 according to website information. AWN is the subsidiary company of Advanced info Service (AIS).
AWN’s network connects directly with AIS which has only upstream peers. When the ThaiCERT contacted AIS about the exposed database then the database went offline.
When did that data leak start?
Based on the source story, the data was first hit on May 1 and then after May 7, 2020. There was not a single server left exposed on the internet without any authentication.AIS has been notified about the exposed database.
How Much Data Leaked?
Overall it would be 8.3 billion documents which are around 4.7 Terabyte data. On May, 21st,2020 8,336,189,132 Documents were stored in the database, and data contained NetFlow data and DNS Query logs. When they found it was roughly logged for only 8 days but why?
Why they stopped logging after 8 Days questions are still open. Team perception is that they got more data than they entered to capture. Forensic says they logged roughly 2,538 DNS seconds per second for that period of time.
What do they get from data?
A lot of information can come out if they really follow the documents and data. They basically know your whole query generated on the internet and after that they are also able to know your personal information.
Based on the DNS queries it might be possible that they identify the person whole data because of DNS capture whole information of machine and queries. For example :
- They use android TV is connected with internet
- They use apple devices are connected with internet
- They use windows devices and the software you use with cloud connectivity.
- They use Antivirus.
- They even use your social media account also.
- They read you google chrome or other browser saved information and history.
Nice
[…] of pirated movie Sites then it is okay but you need to know that most of the free movie files and free movie sites are installing nasty computer viruses. Sometimes it infects you pc and takes control of your […]
[…] 13,500 Mobile phones are having the same IMEI number then it was a big issue for all in the securities issues, Criminals […]