Industry News

Contributors

Alberto Casares

Product Manager
Jonathan Nelson
Kem Gay
Keon Ramezani

Solutions Architecht
Susan McCorriston

About

ALTO + 4IQ = CONSTELLA We believe the only way to defeat digital risk is by knowing how to work together to safeguard what matters most. That’s why our leading Digital Risk Protection solutions are broad, collaborative and scalable, powered by a unique combination of proprietary data, technology and human expertise. We’re diverse, multinational and fully committed to making the world a safer place, 24x7—simply and without limitations

Contact

289 S San Antonio Rd. Suite 110, Los Altos CA 94022 USA
info@constellaintelligence.com
constellaintelligence.com

Statistics

	Posts:	430
	Reposts:	0

Constella Archive

2 0

A new wave of Open DB hijacks is coming

Alberto Casares

September 7, 2017

https://www.passle.net/Content/Images/passle_logo-186px.png Passle https://passle.net

Alberto Casares

It was just a matter of time that cybercriminals move from MongoDB to other technologies such as ElasticSearch, MySQL, Cassandra, etc.

This spreadsheet tracks the attacks, with over 45,000 databases ruined. https://docs.google.com/spreadsheets/d/1QonE9oeMOQHVh8heFIyeqrjfKEViL0poLnY8mAakKhM/edit#gid=1781677175

{

From MongoDB, ransom attacks also spread to other server technologies, such as ElasticSearch, Hadoop, CouchDB, Cassandra, and MySQL servers.

https://www.bleepingcomputer.com/news/security/massive-wave-of-mongodb-ransom-attacks-makes-26-000-new-victims/

unknownx500

Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims https://t.co/7DJCKVDZIR [Connected to the Internet? Better harden it!]
— Christophe Veltsos (@DrInfoSec) September 7, 2017

Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims https://t.co/bgpdAtzAhX pic.twitter.com/u1kFUs7XCV
— Gary Braniff (@techsecurityblg) September 6, 2017

Latest Wave of MongoDB Database Ransom Attacks Soar to 26,000 Servers @campuscodi https://t.co/5Vs2OL4GnS https://t.co/jSVU2E3TWx
— Metacurity - Sign Up for Our Newsletter Already (@Metacurity) September 6, 2017

Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims #cybersecurity #mongodb https://t.co/DFifkxJBAR
— ISI (@isicgllc) September 5, 2017

MongoDB are the target of data extortionists again, 26,000 servers hijacked https://t.co/49IiXjiYaf
— Threat Intelligence (@threatintel) September 5, 2017