Ransomware Puts Databases Managed by MongoDB Under Seige

MongoDB Ransomware

What seems to be the handiwork of a group of hackers has seen tens of thousands of online MongoDB databases breached. This attack could exceed the 100,000 mark as there are that many more installations that are vulnerable.

So how did MongoDB get Breached?

It started off with the hacker Harak1r1 taking over MongoDB based databases and then wiping out or encrypt the entire database. In return to have everything restored a payment has to be made to get the data back.

Initially the amount was to be paid in BitCoin. With 0.2 BTC as the starting figure with the figure raising to 1 BTC. So far it looks like it is badly configured databases applications that have taken a hit and not necessarily that the database application is vulnerable.

Database administrators are expected to take precautions when setting up all databases and not just the MongoDB based databases. The security of these applications is usually as strong as how it is configured for use.

Generally you want users to have as few privileges as possible but still be able to function well.

Read Also  Elasticsearch Servers Being Wiped out in MongoDb Style Ransom Attacks