MongoDB And ransomware attacks

Learning that tens of thousands of MongoDB database have been compromised and held hostage by ransomware is both startling and worrisome.

Groups of attackers have adopted a new tactic that involves deleting publicly exposed MongoDB databases and asking for money to restore them.The number of affected databases has risen from hundreds to more than 10,000.

What is MongoDB?

MongoDB is a free (no cost) and open-source database system. MongoDB is, instead, a document-oriented (rather than a table-oriented) database . Classified as a “NoSQL” database, it uses JSON-like documents to store information and is claimed to be much faster than schema-oriented databases.

Search Engines

you can use Shodan or zoomeye to search for installations of MongoDB.


mongozzome.PNGransomware attack

A Many of  MongoDB database have been compromised and held hostage by ransomware.And we can see this exemple:



Security of  MongoDB

If you are using MongoDB and your database is held ransom,  you not pay the ransom.There’s no guarantee that you’ll get it back from them.

MongoDB administrators are advised to follow the steps on the security checklist from the MongoDB documentation in order to lock down their deployments and prevent unauthorized access.


One thought on “MongoDB And ransomware attacks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s