Late last year, developer of information security alarms for single cases in which criminals attack and steal database based on MongoDB, demanding ransom for their return. The cases have become more frequent and it significantly, we understand from Mackeeper Publication in Security Week.
In the past days, the number of attacked MongoDB instances has grown to over 10,000, and now there are several organized cybercrime groups carrying out attacks. What is the attack? The attacking side is looking for Internet spectrum for MongoDB installations, then steal data stored in them and replace them with a message containing WARNING. In most cases, the ransom amount to 0.2 Bitcoin (just over $ 175), and judging by page portfolio of criminals more than 20 companies have paid the amount to get back access to your information. The newspaper reports that to date have compromised more than 8500 installations of the software by criminals recently changed the email address and the address of their Bitcoin wallet. According Mackeeper, one of the stolen database belongs to a health institution - of Emory Healthcare - which were probably stolen over 200 000 records. The concern is that cases of compromised systems is increasing, and the number of groups who attack them, and thus demands a ransom. The company advised not to pay ransom to the criminals, in some cases, databases were directly deleted. By MongoDB blogging site recommendations for best practices for managing MongoDB installations that will keep safely administered their data.