A person Hijacking Unprotected MongoDB Databases for Ransom

3
1861

Way to protect your self?

  • Allow authentication that provides you ‘protection intensive’ in case your community is compromised. Edit your MongoDB configuration file — auth = proper.
  • Use firewalls — Disable far off get admission to to the MongoDB, if possible. Admins are counseled to apply firewalls to guard the MongoDB installations via blocking off get right of entry to port no. 27017.
  • Configure Bind_ip — restriction access to the server by using binding nearby IP addresses.
    improve — directors are strongly recommended to improve their software program to the contemporary release.
  • MongoDB is the maximum famous, open-supply NoSQL database utilized by corporations of all sizes, from eBay and Sourceforge to The NY Times and LinkedIn. directors are recommended to comply with a security tick list furnished via the corporation.

16 sufferers Already Paid the Ransom

It seems that around sixteen companies so far have paid the ransom to the attacker.

Matherly has been warning of the risks of uncovered MongoDB installations because 2015, allowing an attacker to remotely get right of entry to the databases over the internet without the need for any shape of authentication.

Matherly said the majority of publicly exposed 30,000 MongoDB instances run on cloud servers which include Amazon, Digital Ocean, Linode, and internet carrier and web hosting provider OVH and achieve this without authentication, making cloud offerings buggier than datacenter website hosting.

A Way to understand if you’ve Been Hacked?

  • check the MongoDB accounts to peer if nobody added a secret (admin), the user.
  • check the GridFS to appearance if someone saved any files there.
  • Take a look at the log files to a peer who accessed the MongoDB.

3 COMMENTS

  1. Great blog here! Also your site loads up fast! What web host are you using?
    Can I get your affiliate link to your host? I wish my site loaded up as fast as yours lol

  2. Thanks for writing this! I visit your blog fairly often and I always feel more intelligent afterwards.
    I shared this post on Facebook and my friends thought it was great too.
    Anyhow, I just wanted to tell you that I appreciate
    what you’re doing here. Sincerely, Your #1 fan! lol :
    )

  3. Superb blog you have here but I was wanting to know if you knew of any
    message boards that cover the same topics talked about in this article?
    I’d really love to be a part of community where I can get suggestions from other knowledgeable people that share the same interest.
    If you have any suggestions, please let me know.
    Thank you!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.