#ElasticSearch & CVE-2015-1427

Actively being exploited as reported by Kaspersky  i saw this recently against one of my honeypots which is CVE-2015-1427

Logs

The highlighted area loads this shell script 

Payola?


I wonder who, [email protected]' is?