Categories: NewsSecurity

MongoDB Hackers Demand Bitcoin Ransom From Over 26,000 Compromised Servers

Even though Bitcoin lacks all of the properties criminals should look for in an anonymous currency, it is still quite popular. The recent wave of attacks against unprotected MongoDB databases illustrates that point perfectly. All of the groups responsible for these attacks have demanded payments be made in Bitcoin. This last wave of attacks saw over 26,000 servers getting hijacked, which is an astonishing number. These types of attacks have been prominent since December of 2016.

MongoDB Attacks Continue Unabated

If something works just fine, there is no reason to fix it. Cybercriminals operate with a similar mindset; if their previous plan of attack was successful, all the more reason to keep experimenting with it. The MongoDB attacks, which started in December of last year, are still a lucrative business model for criminals nine months later. A lot of servers running such databases still are not properly protected against major attacks like these.

These types of ransom attacks against MongoDB databases only work if a database is left open for external connections. Unfortunately, there are quite a lot of such databases to be found, which can cause major problems for the companies involved. The assailants will copy the database content, wipe the original content, and replace it with a ransom demand. Considering how most companies cannot afford to lose important customer data, they are forced to pay the Bitcoin ransom as a result.

The recent wave of attacks was a joint operation by multiple hacking crews. One group in particular exposed over 22,000 MongoDB servers through an external connection. Two other groups enjoyed less of a success, although they made 3,516 and 839 victims respectively. As is to be expected, every victim is asked to make a

Related Post
Bitcoin payment. The ransom amounts range from 0.05 BTC to 0.2 BTC, indicating there is a lot of money to be made. Even if only 10% of the victims were to pay up, it would result in a 3,484.5 Bitcoin payday for all three hacking crews combined.

Luckily, it appears the majority of the exposed databases belong to test systems. Others contained production data and a few companies paid the ransom before realizing the criminals did not even have their data in the first place. It is unclear how much money changed hands due to these “bogus” ransom notes, though. Attacks against MongoDB databases have been ongoing for some time now, as over 45,000 databases have been wiped clean since last December. That is a very disappointing and disconcerting number.

Interestingly enough, this type of attack was virtually nonexistent as recently as this summer. With these three new groups emerging and scoring major initial successes, it is not unlikely we would see more attacks against MongoDB servers in the future. Database administrators need to properly evaluate their security settings and blacklist external connections from IP addresses not cleared by the company. It will take a bit of work to set this up properly, but it is direly needed.

These MongoDB attacks are only the latest tool in a growing arsenal of attack vectors maintained by cybercriminals these days. Malware, ransomware, data wipers, bricking tools, and database hacks are just some of the concerns security researchers have to deal with on a daily basis. Companies have to step up their security game in a big way to prevent more issues like these from happening. One cannot simply rely on security researchers in this regard, as it is due time to take matters into one’s own hands.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Qubetics $7.4M Presale Revolutionises Blockchain as Bitcoin and Chainlink Drive Innovation: Best Cryptos to Buy for 2025

The crypto market is abuzz with excitement as 2025 approaches. While Bitcoin continues to dominate…

1 hour ago

Best Altcoins to Buy Today: Why Qubetics’ Presale Could Be the Best Investment Opportunity of 2024

The cryptocurrency market never sleeps, and every day feels like an adventure. From household names…

7 hours ago

Forget DOGE and SHIB: These 5 Memecoins Are 2025’s Millionaire Makers

The memecoin craze is evolving, and a new wave of contenders is rising. With fresh…

16 hours ago

While Ethereum Approaches $6K, XYZVerse Prepares for a 16,900% Market Shakeup

As Ethereum's value inches toward unprecedented heights, another digital asset is set to make a…

16 hours ago

Four Meme Coins That Might Disappoint and One That Could Deliver Big Gains

Meme coins are the wild cards of the crypto world—one day they're "to the moon,"…

16 hours ago

Winter’s Altcoin Season to Explode: 3 Cryptos Every Trader Should Know!

As temperatures drop, the crypto market is heating up with anticipation. This winter could witness…

16 hours ago