Thousands of MongoDB databases have reportedly been compromised where cyber attackers have wiped data and demanded bitcoins to return them. The hackers claim that they have a copy which can be bought for around 1 bitcoin, but there is no information whether they return the data when the payment is done. There has been a recent surge in ransomware attacks that have compromised a number of systems. According to a Norway-based security researcher and Microsoft developer Niall Merrigan, almost 27 thousand MongoDB servers were compromised which is was estimated to be only around 2,000 to 8,000. Niall Merrigan tweeted: “Latest #Mongodb ransack looks like -27K servers compromised from 12K this morning..”
Used for analytics and data study, MongoDB is a famous open-source NoSQL database. In popular rankings, it comes after giants like Oracle, MySQL and Microsoft SQL Server. According to ethical hacker Victor Gevers, one-fourth of 99 thousand MongoDB instances which are open to the internet have been attacked. It has been said that ransom criminals target mainly those accounts which do not have password protected admin accounts.
Also read | 50 hacking cases in one-month post-demonetisation: TAC Security
Currently, the situation is really bad for MongoDB owners and there is no sign of hope. The worse part is many groups are hacking the same servers again and again, and exchanging notes on ransom which makes are almost impossible to track victim’s data. And this results in paying ransom to other people.
Malware attack is one of the most deadly attacks on any computer, and Ransomware being the worst. Hackers use ransomware to attack computers specifically of organisations and then encrypt delicate and important data, before asking for a ransom to give the data back. Small businesses to big enterprises, no one without proper resources is safe for such threats. Ransomware is used for encryption of valuable files and it is impossible for companies to get them back, and has to give in to the ransom demands.
