MongoDB Databases Hit by Multiple Groups of Ransomware Attackers

By eWEEK Staff  |  Posted 2017-01-10 Print this article Print

DAILY VIDEO: MongoDB ransomware impacts over 10,000 databases; Labor Department sues Google demanding more detailed employee data; Netsurion debuts SIEM-at-the-Edge and Breach Detection Services; and there's more.

'ShadowBrokers' Hacker Group Releases NSA Exploits After Auction Fails

DAILY VIDEO: Hacker group 'ShadowBrokers' release NSA Exploits after auction fails; Google...

IBM Introduces All-Flash Storage Systems for Cognitive Workloads

DAILY VIDEO: IBM unveils all-Flash storage for cognitive workloads; Microsoft Power BI reports go...

Facebook Starts 'Journalism Project' to Curb Fake News

DAILY VIDEO: Facebook unveils ambitious project to clean up news feeds; Google rolls out new cloud...

Yahoo to Emerge from Verizon Sale Under New Name: 'Altaba

DAILY VIDEO: CEO, co-founder to leave Yahoo, now known as Altaba; DHS designates election machines,...

Hacker Enters Guilty Plea to Attacks on U.S. Intelligence Officials

DAILY VIDEO: Hacker pleads guilty to attacks against U.S intelligence officials; Google spinoff...

MongoDB Databases Hit by Multiple Groups of Ransomware Attackers

DAILY VIDEO: MongoDB ransomware impacts over 10,000 databases; Labor Department sues Google demanding...

FTC Sues D-Link Over Security Flaws in Routers, IP Cameras

DAILY VIDEO: FTC claims D-Link routers and IP cameras are leaving consumers at risk; Microsoft...

Red Hat Improves Hybrid Cloud Management With CloudForms 4.2

DAILY VIDEO: Red Hat CloudForms 4.2 Improves Hybrid Cloud Management; Virtual Reality-Enabled Windows...

DHS-FBI Report Provides Details on Russian Hacks of U.S. Targets

DAILY VIDEO: DHS-FBI report details Russian malicious cyber activity; U.S. prosecutors charge three...

Amazon Refuses to Give Police Echo Digital Assistant User Transcripts

DAILY VIDEO: Amazon resists warrant for Echo digital assistant user transcripts; South Korea fines...

Read more about the stories in today's news:


Today's topics include ransomware attacks on MongoDB database applications, the U.S. Department of Labor’s demands that Google gather more detailed employee data, Netsurion's new network threat detection and mitigation services, and AT&T’s partnership with international security provider Gemalto to strengthen AT&T’s internet of things offerings.

Attackers are exploiting misconfigured open-source MongoDB databases and holding them for ransom. The ransomware attacks against MongoDB were first publicly reported by GDI Foundation security researcher Victor Gevers on Dec. 27, 2016, and have been steadily growing ever since, with at least five different groups of hackers taking control of over 10,000 database instances.

Among the most recent groups to join the MongoDB ransomware attack was one reported on Jan. 6, by security researcher Nial Merrigan. The MongoDB attackers are only identified by the email address that is used to demand payment.

The new group identified as, has already compromised at least 17 MongoDB instances and is demanding 0.25 Bitcoin from victims to get the data back.

The amounts being demanded by attackers vary from a low of 0.15 Bitcoin up to a full Bitcoin. Bitcoin has fluctuated in value so far in 2017, and as of Jan 6, is worth approximately $892 USD.

The U.S. Department of Labor has sued Google for allegedly failing to submit compensation information on its employees as required under equal opportunities hiring practices laws.

The lawsuit filed with the Labor Department’s Office of Administrative Law Judges seeks to bar Google from bidding for government contracts until it provides the requested data. The Labor Department complaint also calls on the court to issue an order canceling all of Google’s existing government contracts and subcontracts unless the company complies with its obligations.

The dispute stems from what the Department of Labor described as a routine request for employee compensation data from Google as part of a random audit of the company’s compliance with relevant employment and hiring laws.

However, in a statement, Google denied that it was resisting the government's request to turn over the data to the Department of Labor and said that its actions were based on the fact that the requested data was far too broad and intrusive.

Security firm Netsurion is launching its first new services since acquiring security information and event management vendor EventTracker in October 2016.

The new SIEM-at-the-Edge and Breach Detection Services expand Netsurion's product portfolio and bring advanced threat detection and mitigation capabilities to small businesses and branch offices. Netsurion CEO Kevin Watson explained that the new services are two stages of a similar concept.

The basic idea behind both services is to collect network information from end-points and then provide alerts on events that are potentially problematic. Events could include items such as the installation of a new executable on a system and different user behavior patterns. In total, Watson said that there are 32 different alerts that can be triggered based on detected events.

AT&T, in a race with competitors Verizon, Time Warner and others to build a go-to internet of things development franchise, has selected international security provider Gemalto to handle its remote subscription management processes.

Gemalto, the world's largest provider of enterprise digital security software and services, is now supplying AT&T with a package that will enable its customers to deploy new and highly secure internet of things applications in the U.S. and globally. The companies made the announcement Jan. 4 at CES 2017 in Las Vegas.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel