Categories: Data StorageDataBase

27,000 MongoDB Databases Suffer Ransomware Attack

Security researchers are warning of a widespread attack against the MongoDB database management system, which shows no sign of slowing.

The assaults reportedly began in December, but have surged in volume in the past couple of weeks and are now said to be impact 27,000 MongoDB installations.

The online extortionists reportedly replace the database with an empty database and demand a fee to return the data.

Ransomware Attacks

The ransomware attacks against vulnerable MongoDB installations, was initially only carried out by one hacker, but he or she has now been joined by a number of other groups according to Victor Gevers of the GDI Foundation, and Niall Merrigan, a Norwegian developer.

The poorly configured databases are reportedly either not password-protected or protected by weak passwords, and the extortionists are demanding one bitcoin each.

According to Gevers and Merrigan, these groups are attacking already compromised database, which means that the owners don’t know which group are responsible and who to pay the ransom to. And apparently the some attackers don’t even bother saving the database or making a copy of it, which means that some companies have permanently lost their data.

“Right now it’s bedlem,” Merrigan told Bleeping Computer. “Attackers are deleting each others’ ransoms as quick as they pop up.”

“It’s a very interesting case, and it’s like watching a gold rush at this point,” he added.

Silicon has approached MongoDB for comment but has not received a reply at the time of writing.

Significant Player

MongoDB is a popular open-source NoSQL database, widely used for big data and analytics, and has received significant levels of funding in the past.

It also has some big name users. For example the UK’s Met Office uses MongoDB to process huge amounts of data from outer space, turning it into useful space weather forecasts.

And eHarmony, a dating website that claims to process a billion potential matches daily, adopted MongoDB instead of a decentralised SQL database.

Last year Australian security researcher Troy Hunt warned that members of elite dating website BeautifulPeople.com had their personal details leaked and put up for sale online.

The data was obtained after an attack against a test server containing a MongoDB database.

Quiz: How well do you know open source software?

Read also : The Value of Data
Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

22 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

23 hours ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

24 hours ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago