27,000 Databases Held For Ransom in One Week (from January 14th)
If you’re using MongoDB installations to create your database, you could be in trouble.
Hacker Harak1r1 has been accessing, copying and deleting poorly configured MongoDB databases and holding the lost data for ransom this past week. It is estimated that over 27,000 databases have been compromised. The hacker is demanding anywhere from 0.2 to 1 bitcoins ($184 to $906 U.S.).
The cause of the ransomware? The database administrators themselves. Every case involves a server with an administrator account that was configured without a password. There are currently 99,000 vulnerable MongoDB databases.
Administrators are advised to enable authentication, use firewalls and update MongoDB software to the latest release in order to stay secure.
