Exposed MongoDB installs being erased, held for ransom

Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom.

Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to the public that’s been erased and held for ransom.

The person behind the attacks is demanding 0.2 BTC ($202.89 USD) as payment, and requiring system administrators email proof of ownership before the files are restored. Those without backups are left in a bind.

To read this article in full or to leave a comment, please click here