from Hacker News

MongoDB Apocalypse Is Here as Ransom Attacks Hit 10,000 Servers

by sathishvj on 1/8/17, 7:20 AM with 16 comments

  • by slau on 1/8/17, 10:19 AM

    The same story on Ars has had a bit more traction (120+ comments).

    https://news.ycombinator.com/item?id=13345947

  • by gnarbarian on 1/8/17, 9:49 AM

    "hackers have now hit around 10,500 MongoDB servers. That's about 25% of all MongoDB databases accessible via the Internet. The attacks don't target all MongoDB databases, but only those left accessible via the Internet and without a password on the administrator account."

    25% of mongodb installs externally accessible lack a fucking password on the admin account.

    They deserve it. Maybe it will teach them something.

  • by bdcravens on 1/8/17, 10:29 AM

    Maybe I'm being all "get off my lawn", but I feel this is an almost inevitable result of attitudes about new stacks, the rise of the bootcamper, and hackathons-turned-product. In theory that young hipster developer that fits the mold would be just a junior on the team, and their enthusiam and foolhardiness towards moving fast and breaking things would be tempered by more mature team members and operators. However, I think we're seeing a world where 2013 bootcamp grads are the seniors and the cult of hacking and iterating and breaking things means situations like this will become more common.

  • by wonko1 on 1/8/17, 10:11 AM

    Why do so many MongoDB installation lack a password on the Admin account?

    I tried search for me info, but could find anything. Was this the default? Procedure given in a popular tutorial? It seems pretty insane.

  • by kapauldo on 1/8/17, 2:02 PM

    Is there a tool for checking mongo vulnerabilities?