Casa > cibernético Notícias > 12,564 Unsecured MongoDB bancos de dados apagados por atacantes
CYBER NEWS

12,564 Unsecured MongoDB bancos de dados apagados por atacantes

Um total de 12,564 bases de dados MongoDB inseguros ter sido excluído no curso de três semanas. A mensagem é deixada após a exclusão alertando os proprietários de bases de dados para entrar em contato com os hackers para ter os dados restaurados.




Thousands of MongoDB Databases Deleted

The attackers were discovered and reported by independent security researcher Sanyam Jain. The researcher believes that the hacker(s) behind the attacks is most likely charging money in cryptocurrency, and according to the sensitiveness of the database, the sum may be bigger or smaller.

The researcher first spotted the attacks on April 24, when he first came across a wiped MongoDB database which didn’t contain the usual huge amounts of leaked data but rather the following note: “Restaurar ? Contato : unistellar@yandex.com”.

relacionado: [wplinkpreview url =”https://sensorstechforum.com/mongodb-ransomware-attacks-misconfigured-servers/”] MongoDB Ransomware Ataques Servidores Misconfigured.

Em outras palavras, the hackers were leaving ransom notes asking the victims to contact them via email in case they want their data restored. Provided emails included unistellar@hotmail.com ou unistellar@yandex.com.

Since no other details were given such as an exact ransom amount, it’s very likely that the hackers are open to negotiate the terms of data recovering.

This is not the first time MongoDB databases are attacked this way. No 2017, finalmente 28,000 misconfigured MongoDB databases fell victims to hacker attacks. The attacks were possible because the servers were accessible via the Internet. The compromised servers were also misconfigured or prone to vulnerability exploits (due to unpatched flaws).

relacionado: [wplinkpreview url =”https://sensorstechforum.com/mongodb-virus-attacks/”] Mongo Bloqueio Ransomware Exclui vulneráveis ​​Bases de dados MongoDB.

Então, no 2018 MongoDB databases were at risk of the so-called MongoLock ransomware. Bob Diachenko – the security researcher who first discovered the malicious campaign shared that attackers would connect to an unprotected database and simply erase it. A new database called “Warning” with a collection inside it named “Readme” would be left in place of the old database. The Readme collection contained the ransom message which claimed that the database had been encrypted and that the victims needed to pay for restoration.

The MongoLock attack also didn’t ask for specific amount of money and left email addresses for the victims to get in touch with its operators.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...