MongoDB Databases Hit by Multiple Groups of Ransomware Attackers

By eWEEK Staff  |  Posted 2017-01-10 Print this article Print

DAILY VIDEO: MongoDB ransomware impacts over 10,000 databases; Labor Department sues Google demanding more detailed employee data; Netsurion debuts SIEM-at-the-Edge and Breach Detection Services; and there's more.

New LG G6 Smartphone to Feature Side-by-Side FullVision Display

DAILY VIDEO: LG G6 smartphone getting side-by-side FullVision display; Azure SQL database threat...

Verizon, Yahoo Agree to Reduce Buyout Price to $4.55 Billion

DAILY VIDEO: Verizon negotiates down to $4.55B for Yahoo transaction; Congressional staffers see...

Google Tells RSA Show Audience How it Secures a Billion Android Users

DAILY VIDEO: How Google secures over a billion Android users; Amazon moves into teleconferencing...

Oracle Appeals Ruling in Java Infringement Dispute With Google

DAILY VIDEO: Oracle revives Java copyright infringement dispute with Google; Apple to Mark Smartphone...

Trump Administration Holds Back Executive Order on Cyber-Security

DAILY VIDEO: White House withholds cyber-security order for further revision; Cortana to help Windows...

Kaspersky Finds New Malware Designed to Hide in Memory, Steal Data

DAILY VIDEO: Kaspersky discovers new malware designed to stealthily steal data; Microsoft to shield...

U.S. Court Orders Google to Turn Over Data Stored on Overseas Servers

DAILY VIDEO: Federal court says Google must turn over data in foreign servers; Cisco report: mobile...

Leak of Windows 10 Cloud Suggests Microsoft Readying Chrome OS Fighter

DAILY VIDEO: Windows 10 Cloud leak points to potential Chrome OS fighter; TiVo's analytics pinpoint...

Google Shuts Down Short-Lived Hands Free Mobile Payment App

DAILY VIDEO: Google drops hands free mobile payment app; Microsoft Outlook on iOS welcomes Evernote...

Snap Inc. Files for an IPO Worth an Estimated $3 Billion

DAILY VIDEO: Snap Inc. makes it official, will go public next month; Microsoft sharpens Edge browser...

Read more about the stories in today's news:


Today's topics include ransomware attacks on MongoDB database applications, the U.S. Department of Labor’s demands that Google gather more detailed employee data, Netsurion's new network threat detection and mitigation services, and AT&T’s partnership with international security provider Gemalto to strengthen AT&T’s internet of things offerings.

Attackers are exploiting misconfigured open-source MongoDB databases and holding them for ransom. The ransomware attacks against MongoDB were first publicly reported by GDI Foundation security researcher Victor Gevers on Dec. 27, 2016, and have been steadily growing ever since, with at least five different groups of hackers taking control of over 10,000 database instances.

Among the most recent groups to join the MongoDB ransomware attack was one reported on Jan. 6, by security researcher Nial Merrigan. The MongoDB attackers are only identified by the email address that is used to demand payment.

The new group identified as, has already compromised at least 17 MongoDB instances and is demanding 0.25 Bitcoin from victims to get the data back.

The amounts being demanded by attackers vary from a low of 0.15 Bitcoin up to a full Bitcoin. Bitcoin has fluctuated in value so far in 2017, and as of Jan 6, is worth approximately $892 USD.

The U.S. Department of Labor has sued Google for allegedly failing to submit compensation information on its employees as required under equal opportunities hiring practices laws.

The lawsuit filed with the Labor Department’s Office of Administrative Law Judges seeks to bar Google from bidding for government contracts until it provides the requested data. The Labor Department complaint also calls on the court to issue an order canceling all of Google’s existing government contracts and subcontracts unless the company complies with its obligations.

The dispute stems from what the Department of Labor described as a routine request for employee compensation data from Google as part of a random audit of the company’s compliance with relevant employment and hiring laws.

However, in a statement, Google denied that it was resisting the government's request to turn over the data to the Department of Labor and said that its actions were based on the fact that the requested data was far too broad and intrusive.

Security firm Netsurion is launching its first new services since acquiring security information and event management vendor EventTracker in October 2016.

The new SIEM-at-the-Edge and Breach Detection Services expand Netsurion's product portfolio and bring advanced threat detection and mitigation capabilities to small businesses and branch offices. Netsurion CEO Kevin Watson explained that the new services are two stages of a similar concept.

The basic idea behind both services is to collect network information from end-points and then provide alerts on events that are potentially problematic. Events could include items such as the installation of a new executable on a system and different user behavior patterns. In total, Watson said that there are 32 different alerts that can be triggered based on detected events.

AT&T, in a race with competitors Verizon, Time Warner and others to build a go-to internet of things development franchise, has selected international security provider Gemalto to handle its remote subscription management processes.

Gemalto, the world's largest provider of enterprise digital security software and services, is now supplying AT&T with a package that will enable its customers to deploy new and highly secure internet of things applications in the U.S. and globally. The companies made the announcement Jan. 4 at CES 2017 in Las Vegas.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel