Learning that tens of thousands of MongoDB database have been compromised and held hostage by ransomware is both startling and worrisome.
Groups of attackers have adopted a new tactic that involves deleting publicly exposed MongoDB databases and asking for money to restore them.The number of affected databases has risen from hundreds to more than 10,000.
What is MongoDB?
MongoDB is a free (no cost) and open-source database system. MongoDB is, instead, a document-oriented (rather than a table-oriented) database . Classified as a “NoSQL” database, it uses JSON-like documents to store information and is claimed to be much faster than schema-oriented databases.
you can use Shodan or zoomeye to search for installations of MongoDB.
A Many of MongoDB database have been compromised and held hostage by ransomware.And we can see this exemple:
Security of MongoDB
If you are using MongoDB and your database is held ransom, you not pay the ransom.There’s no guarantee that you’ll get it back from them.
MongoDB administrators are advised to follow the steps on the security checklist from the MongoDB documentation in order to lock down their deployments and prevent unauthorized access.