An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back.
UK-based shipping company Clarkson PLC (or Clarksons) has revealed more details about a security breach that took place last year, and during which hackers threatened to release some of the company's data online if it didn't pay a ransom demand.
Europol, French, UK, and Thai police arrested eight people they suspect to have been involved or to have been part of a notorious hacker group known as Rex Mundi (Latin for "King of the World").
A German hacker who launched DDoS attacks and tried to extort ransom payments from German and UK firms was sentenced last month to one year and ten months of probation.
Last week hackers gained access to the computer systems of the Uttar Haryana Bijli Vitran Nigam (UHBVN) power company in India and stole the billing data of their customers. In order to get the data back, the attackers are demanding 1 RS Core, or 10 million Rupess, for the stolen data. This is equivalent to approximately $150,000 USD
Ukrainian authorities have sentenced two individuals —a man and a woman— to five years suspended sentences for launching DDoS attacks and running a DDoS extortion scheme.
DDoS extortionists have already pounced on the Memcached DDoS attack vector in attempts to extract payments from attacked companies.
New research published on Monday reveals that 5.8% of all Amazon S3 buckets are publicly readable, while 2% are publicly writeable —with the latter allowing anyone to add, edit, or delete data, and even hold a victim's data for ransom.
Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.
For the second time in two months, the voter registration information of over 19 million Californians was leaked online via an unsecured MongoDB database, which was later held for ransom by hackers.
It took Chinese police only four days to arrest a hacker they believe breached the servers of two Hong Kong travel agencies, stole their data, and then asked for a ransom in Bitcoin.
The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center.
The Sacramento Regional Transit (SacRT) public transportation agency was forced to shut down its website due to a security breach that took place on Saturday, November 18.
A hacker is trying to extort a Canadian university, threatening to dump student information unless university top brass pay 30,000 CAD (23,000 USD).
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
R6DB, an online service that provides statistics for Rainbow Six Siege players, went down over the weekend after an attacker wiped the company's database and asked a ransom.
A group of DDoS extortionists using the name of Phantom Squad has sent out a massive spam wave to thousands of companies all over the globe, threating DDoS attacks on September 30, if victims do not pay a ransom demand.
The recent wave of ransom attacks on MongoDB databases happened because database owners forgot to set passwords on their administrator accounts, according to Davi Ottenheimer, Senior Director of Product Security at MongoDB, Inc.
Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000.
During the past week, there has been a sudden surge in online extortion campaigns, against regular users and security researchers alike.