Early on Jan. 9, about 12,000 MongoDB database servers were compromised. Later the number rose to 28,000 servers. As many as 46,000 servers are vulnerable to this attack.
A cyber-criminal using the alias “Harak1r1” exploited a weakness in the default installation of the popular database solution, MongoDB. He demanded a 0.2BTC ransom ($220) to return the data he exfiltrated from thousands of victim systems. Older installations of MongoDB that were deployed via cloud hosting services in an insecure default configuration were ...
Continue Reading →