Need abetter understanding of how damaging ransomware attacks can be? There’s no better case study than what’s happened to MongoDB.
Last week, it came to light that unsecured MongoDB databases were being hit by an attacker demanding a 0.2BTC ransom ($220) to return the data he was holding hostage.
The attacker, who goes by the online handle Harak1r1, has been hitting servers across the globe, said penetration tester Victor Gevers, who noticed the attacks when he reported exposed installations to their owners.
He also warnedadmins via Twitter about the attacker, who to date appears to havecollected 16 deposits of exactly 0.2BTC via a Bitcoin wallet after having accessed unprotected databases, exported the content and replaced the data with the ransom demand.
Gevers, from Netherlands-based GDI Foundation, has been tracking the activity along withNiall Merrigan, a Norway-based developer. They’vewarned that it’s old MongoDB instances deployed via cloud hosting services, mostly...(continued)