Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Princeton University becomes victim of MongoDB ransom attacks

Princeton Universitybecame oneof the more than 27,000 entities that recently had their databases wiped by attackers who claimthat if victims payransom, they’ll get their data back. The attackers have been able to access and overwrite databases in MongoDB installations that were left open on Port 27017. With no login or authentication required, anyone can access the files, exfiltrate them, edit them to corrupt the data, or just delete them all. In these cases, the attackers are deleting the databases.

The attack on Princeton was first detected by DataBreaches.net on January 7, and confirmed by Victor Gevers, the ethical hacker and founder of GDI who has been responsible for thousands of notifications.

After the attack, the database was replaced with a database called PLEASE_READ that contained the ransom demand.

In this case, thereplacement database provided an email address of[emailprotected]and the following note:

SEND 0.2 BTC TO THIS ADDRESS...(continued)
View All Trending Stories