Experts warn of mass-scanning for ENV files left unsecured online

guest · Nov 21, 2020

Experts warn of mass-scanning for ENV files left unsecured online
Threat actors are scanning the Internet for ENV files that usually contain API tokens, passwords, and database logins
November 21, 2020
https://securityaffairs.co/wordpress/111240/hacking/env-files-mass-scanning.html

Threat actors are scanning the internet for API tokens, passwords, and database logins that are usually used to store ENV files (Environment files) accidentally left exposed online.

Environment files are configuration files that usually contain user environment variables for multiple frameworks and development tools such as Docker, Node.js, Django, and Symfony.
Obviously these files should not be exposed online without any protection.
Click to expand...

Researchers from security firm Greynoise have reported that thousand of IP addresses have been involved in mass scanning operations aimed at discovering ENV files in the last three years. Experts reported that most of the IP addresses are in the United States, followed by Germany and France.

According to Greynoise, more than 1,000 scans have been observed over the past month.
Click to expand...

The lesson learned is to never expose online ENV files if we don’t want to make a gift to the attackers.
Click to expand...

Log in or Sign up

Experts warn of mass-scanning for ENV files left unsecured online

guest Guest

Log in or Sign up

Experts warn of mass-scanning for ENV files left unsecured online

guest Guest

Useful Searches