An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back.
A misconfigured MongoDB server belonging to Abbyy, an optical character recognition software developer, allowed public access to customer files.
A MongoDB database was exposed online that contained health care information for 2 million patients in Mexico. This data included information such as the person's full name, gender, date of birth, insurance information, disability status, and home address.
Security researchers have stumbled across a MongoDB database containing the personal details of over 25,000 users who invested in or received Bezop (BEZ) cryptocurrency.
Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.
For the second time in two months, the voter registration information of over 19 million Californians was leaked online via an unsecured MongoDB database, which was later held for ransom by hackers.
The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center.
The recent wave of ransom attacks on MongoDB databases happened because database owners forgot to set passwords on their administrator accounts, according to Davi Ottenheimer, Senior Director of Product Security at MongoDB, Inc.
Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000.
An unknown hacker is accessing public and unsecured Apache Cassandra databases and adding an extra table through which it warns server owners that their DB was left exposed to online attacks.
For the past week, unknown groups of cyber-criminals have taken control of and wiped data from CouchDB and Hadoop databases, in some cases asking for a ransom fee to return the stolen files, but in some cases, destroying data just for fun.
The ransomware scourge does not want to let up. This week we have seen lots of small infections released, a very professional Spora Ransomware payment site, the continuing relentless attack on MongoDB databases, and a big time ransomware payout. The good news is that wwe also had a few decryptors released by Emsisoft!
After days of wreaking havoc among MongoDB servers, a group of crooks has moved on to hijacking ElasticSearch servers and asking for similar ransoms.
Almost nine days after attacks on MongoDB servers have ramped up, the number of ransacked databases has reached 32,380 hosts, and the number of groups involved in these attacks has grown to 21, after initially just one group had been involved.
The number of hijacked MongoDB servers held for ransom has skyrocketed in the past two days from 10,500 to over 28,200, thanks in large part to the involvement of a professional ransomware group known as Kraken.
What started as isolated incidents on Monday has transformed into an all out destruction of thousands of MongoDB servers by the end of the week.