Three groups of hackers have wiped around 26,000 MongoDB databases over the weekend and demanded victims to pay about $650 to have them restored.
The new wave of MongoDB ransom attacks marks a resurgence of the massive assault on unsecured instances of the open-source NoSQL database earlier this year. The attacks were discovered by security researchers Victor Gevers and Niall Merrigan.
The current attacks are being tracked by Gevers and fellow researcher Dylan Katz. According to the ‘MongoDB ransacking’ Google Docs spreadsheet that the pair are updating, one group using the address ‘firstname.lastname@example.org’ has ransacked over 22,000 MongoDB instances.