Hacker targets 23,000 MongoDB databases to demand ransom


San Francisco, Jul 4 (IANS): A hacker was trying to extract money from administrators of around 22,900 MongoDB databases that are accessible without a password, said a media report.

The ransom note put on each of the databases asks for a 0.015 bitcoin (approximately $140) payment, ZDNet said in a report this week, adding that the ransomed databases account for roughly 47 per cent of all MongoDB databases exposed without password.

Most of these databases that are exposed online are due to misconfiguration resulting from honest mistakes.

The companies affected by the ransomed databases have been given two days time to pay.

In case of non-payment, the attacker has even threatened to leak data of the victims and get in touch with their local General Data Protection Regulation (GDPR) enforcement authority to report their data leak, said the report.

The current wave of attack on the exposed MongoDB databases began as early as April 2020.

This is not the first time "MongoDB wiping & ransom" attacks have come to the light.

Similar attacks were reported in 2017 and 2019 as well.

 

  

Top Stories


Leave a Comment

Title: Hacker targets 23,000 MongoDB databases to demand ransom



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.