Categories: NewsSecurity

MongoDB Hackers Demand Bitcoin Ransom From Over 26,000 Compromised Servers

Even though Bitcoin lacks all of the properties criminals should look for in an anonymous currency, it is still quite popular. The recent wave of attacks against unprotected MongoDB databases illustrates that point perfectly. All of the groups responsible for these attacks have demanded payments be made in Bitcoin. This last wave of attacks saw over 26,000 servers getting hijacked, which is an astonishing number. These types of attacks have been prominent since December of 2016.

MongoDB Attacks Continue Unabated

If something works just fine, there is no reason to fix it. Cybercriminals operate with a similar mindset; if their previous plan of attack was successful, all the more reason to keep experimenting with it. The MongoDB attacks, which started in December of last year, are still a lucrative business model for criminals nine months later. A lot of servers running such databases still are not properly protected against major attacks like these.

These types of ransom attacks against MongoDB databases only work if a database is left open for external connections. Unfortunately, there are quite a lot of such databases to be found, which can cause major problems for the companies involved. The assailants will copy the database content, wipe the original content, and replace it with a ransom demand. Considering how most companies cannot afford to lose important customer data, they are forced to pay the Bitcoin ransom as a result.

The recent wave of attacks was a joint operation by multiple hacking crews. One group in particular exposed over 22,000 MongoDB servers through an external connection. Two other groups enjoyed less of a success, although they made 3,516 and 839 victims respectively. As is to be expected, every victim is asked to make a

Related Post
Bitcoin payment. The ransom amounts range from 0.05 BTC to 0.2 BTC, indicating there is a lot of money to be made. Even if only 10% of the victims were to pay up, it would result in a 3,484.5 Bitcoin payday for all three hacking crews combined.

Luckily, it appears the majority of the exposed databases belong to test systems. Others contained production data and a few companies paid the ransom before realizing the criminals did not even have their data in the first place. It is unclear how much money changed hands due to these “bogus” ransom notes, though. Attacks against MongoDB databases have been ongoing for some time now, as over 45,000 databases have been wiped clean since last December. That is a very disappointing and disconcerting number.

Interestingly enough, this type of attack was virtually nonexistent as recently as this summer. With these three new groups emerging and scoring major initial successes, it is not unlikely we would see more attacks against MongoDB servers in the future. Database administrators need to properly evaluate their security settings and blacklist external connections from IP addresses not cleared by the company. It will take a bit of work to set this up properly, but it is direly needed.

These MongoDB attacks are only the latest tool in a growing arsenal of attack vectors maintained by cybercriminals these days. Malware, ransomware, data wipers, bricking tools, and database hacks are just some of the concerns security researchers have to deal with on a daily basis. Companies have to step up their security game in a big way to prevent more issues like these from happening. One cannot simply rely on security researchers in this regard, as it is due time to take matters into one’s own hands.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Crypto Wallets 2024: Top Choices for Security & Rewards

The 5 Best Crypto Wallets Worth Using in 2024 — Find Out Why Selecting a…

27 mins ago

Ethereum Ecosystem Primed For A November Rally – ETH Coins Chainlink (LINK), Toncoin (TON), And Cutoshi (CUTO) The Ones To Watch

With a Total Value Locked (TVL) of $50.72B, Ethereum is the world's largest blockchain, with…

7 hours ago

Analysts Predict a Rollblock 5000% Surge Dwarfing Pepe Coin and Popcat Recent Fame

The meme coin market has recently been surging once again; tokens such as Pepe and…

17 hours ago

FLOKI Dominates Meme Market as Rollblock ICO Skyrockets. Is Polkadot Losing Its Edge?

The FLOKI price has recorded over 300% yearly ROI, dominating crypto gains in the meme…

17 hours ago

Which Crypto Could Turn $1K Into $100K: Algorand (ALGO), Aptos (APT), or Rollblock (RBLK)?

Crypto investors are constantly searching for promising opportunities to diversify their portfolios and Algorand, Aptos,…

17 hours ago

Which Crypto Could Turn $1K Into $100K: Algorand (ALGO), Aptos (APT), or Rollblock (RBLK)?

Crypto investors are constantly searching for promising opportunities to diversify their portfolios and Algorand, Aptos,…

17 hours ago