MongoDB的攻击跳跃从数百0几天

Security researchers report a massive uptick in the number of MongoDB databases hijacked and held for ransom. On Monday, researcher Niall Merrigan reported 28,000 misconfigured MongoDB were attacked by more than a dozen hacker groups. That’s sharp increase from last week when 2,000 MongoDB had been hijacked by two or three criminals.
资料被前员工偷窥是经常发生的事情,重要的数据可能会影响组织的市场商业竞争力,甚至长久生存。企业需要从管理和技术两个主要方面进行数据防泄露的控管。
安全研究人员报告在MongoDB数据库劫持勒索赎金的数量大幅上升。上星期一,研究员Niall Merrigan0错误配置MongoDB是超过 十几个黑客组织攻击。那
A wave attacks was first spotted on Dec. 27 by Victor Gevers, an ethical hacker and founder of GDI Foundation. That’s when he said a hacker going by the handle “Harak1r1” was compromising open MongoDB installations, deleting their contents, and leaving behind a ransom note demanding 0.2 BTC (about $220).
一个波的攻击被首次发现日由Victor Gevers,GDI的基础道德黑客和创始人。那
Related Posts
相关文章
Victims would discover they were hit with the data theft only when they accessed the MongoDB and came across a top database field with the ransom demand that read, “Contact this email with your IP of your server to recover your database.”
受害者会发现他们被击中的数据被窃取,只有当他们访问MongoDB和遇到一个顶级数据库字段与赎金要求读,
Escalation of the attacks happened fast jumping from 200 14 days ago to 2,000 the following week. On Friday the numbers were at 10,000, and by Monday Merrigan said there was a huge spike in attacks via his Twitter account reporting 27,000 servers compromised representing 93 terabytes of data gone.
升级的攻击发生了快速跳跃天到下一。星期五的数字是在0,而星期一是说有 攻击大幅飙升通过他的推特帐户报0服务器泄露百万兆字节数据了。

WHOA… Latest #mongodb download from @shodanhq massive jump in ransomed databases 93TB gone (snapshots taken at 1530 and 2130 CET) pic.twitter.com/MakOlrbptt

— Niall Merrigan (@nmerrigan) January 8, 2017
Merrigan and Gevers have been tracking both the number of attacks and the number of groups behind them via a spreadsheet with the latest updates. As of this writing, close to 28,332 victims have been reported.
Merrigan和Gevers一直跟踪的一些攻击和通过最新的更新电子表格组背后的号码。截至本次报道,32名受害者已被报道。
Since identifying “Harak1r1” as the original attacker, they say more than a dozen additional hackers are now actively targeting MongoDB installations as well. Researchers said that in many cases, data stored in the MongoDB now is simply being destroyed and when victims pay the ransom they do not receive their data back.
自从识别
Last week, Gevers told Threatpost attackers were battling among themselves. He said, when one hacker would leave a ransom note, another hacker would target the same database, delete the original ransom note and leave their own. This further complicates a victim’s ability to retrieve data even if a ransom is paid, he said.
上周,Gevers告诉Threatpost攻击者正在他们之间。他说,当一个黑客会留下一张赎金通知时,另一个黑客会瞄准同一个数据库,删除原来的赎金笔记并留下自己的。这进一步使一个受害者复杂化
The problem stems from companies that have used the default installation configuration for MongoDB, which does not require authentication to access the database. Researchers say hackers using a Shodan query or scanning the Internet for vulnerable installations can easily find MongoDB servers online.
这个问题源于,使用默认的安装配置MongoDB的公司,它不要求身份验证访问数据库。研究人员说,黑客利用一段的查询或扫描互联网脆弱的设备可以很容易地找到MongoDB服务器在线。
Gevers said a recent scan using Shodan revealed 46,000 open MongoDB ripe for attack. He added that an uptick in victims is due to the fact attackers have automated attacks via scripts. He added that because the MongoDB configurations require no credentials, the script used in the attacks is simple to write and execute.
Gevers说,最近的一次扫描显0打开MongoDB使用撒旦攻击的时机已经成熟。他补充说,在受害者的上升是由于攻击者通过脚本自动攻击。他补充说,由于MongoDB的配置不需要证书,在攻击中使用的脚本 简单的写和执行。
Representatives at MongoDB did not return calls for comment. However, last week when initial reports of MongoDB databases being compromised began to surface, the company published instructions on how admins can secure their databases and respond to attacks.
一个信息安全动画小故事,随意丢弃损毁的U盘,被保洁员拾走,泄了密……
在MongoDB的代表没有回复记者要求置评的电话。然而,上周当MongoDB数据库被入侵的最初的报告开始浮出水面,该公司发表说明管理员可以确保他们的数据库和响应攻击。
报告称网站漏洞在减少但黑客水平在提高,互联网开发人员在接手项目和制定计划时应该考虑为“安全”分配更多的时间,还有要在软件中加入必要的安全控管功能,应对黑客不断提升的社会工程学诈骗水平,还需提升最终用户的防范意识。

猜您喜欢

云南临沧市财政局出台机关运转风险内部控制办法
保密意识公开课
网络安全意识动画片展播WIFI无线网络安全使用
小S晒煮妇日常:逛超市做饭看韩剧爱孔刘
CYSQ 211LORAIN
企业安全意识之歌