Over 12,000 MongoDB Databases Deleted by Unistellar Attackers

Sergiu Gatlan reports:

Over 12,000 unsecured MongoDB databases have been deleted over the past three weeks, with only a message left behind asking the owners of the databases to contact the cyber-extortionists to have the data restored.

Although not on this scale, these types of attacks targeting publicly accessible MongoDB databases have happened since at least early-2017 [1, 2, 3, 4]. Attackers looking for exposed database servers using BinaryEdge or Shodan search engines delete them and demand a ransom for their ‘restoration services’.

Read more on Bleeping Computer.

About the author: Dissent