Over 1,800 MongoDB Databases Held For Ransom By Mysterious Attacker

An anonymous reader writes: "An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data," reports Bleeping Computer. According to John Matherly, Shodan founder, over 1,800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note. Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the internet. Database owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent U.S. healthcare organization and blocked access to over 200,000 user records. These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don't appear to be related.

You are much more sure than SCO is

[raymorris]

> To this day, I fail to understand the hypocrisy in supporting the little guy against giants like Apple and Microsoft, but rooting for another giant, IBM, to decimate SCO.

Some of us pay attention to who is right and wrong, rather than deciding absolutely everything based on "big mean corporation."

SCO originally filed for misappropriation of trade secrets and unfair competition. Later, they decided breach of contract might be better. Still later, they decided maybe copyright infringement. Obviously, SCO wasn't so sure exactly what they were complaining about - not nearly as sure as you are.

They claimed that up to 0.0001% of the Linux kernel might have been derived from Unix, but refused to say which parts. As the judge began to strike down their claims unless they identified which code they were talking about, they pointed to some BSD licensed code written by Thompson - code they clearly had no copyright rights to.

When it was pointed out that Novell, not SCO, owned the Unix copyright, SCO tried to buy the copyrights from Novell. Again, Novell clearly wasn't too sure they owned the copyrights, they were trying to buy them from Novell, yet you're sure that they already owned them.

SCO then claimed that the GPL itself is illegal and unconstitutional! Which would of course mean that SCO were themselves unlawfully distributing GPL code! Yeah that annoyed some people.

SCO didn't just lose a case, they were laughed out of court repeatedly. "We're suing you for violating the copyright on Unix, but we're still trying to buy that copyright so can we have a short delay?" What!?!? It was one of the most ridiculous cases ever. That's why people didn't root for SCO, it was because SCO was engaging in ridiculous trolling that made no sense. They argued that the "offending code" was part of the Linux kernel, then argued that it wasn't. They couldn't even make up their mind.