A hacker that goes by the name Harak1r1 is attacking non-password protected MongoDB installations, wiping their content and installing a ransom note in place of the the stolen data, according to a report by IT Pro.
The attacks have been going on for several weeks, IT Pro says, and the most vulnerable deployments appear to be running on AWS. It’s estimated that 2,000 databases have been hit by the attack.
Administrators are encouraged to upgrade to the latest MongoDB version and follow the company’s security best practices.
For more on the vulnerability and what to do about it, check out IT Pro.
You may also like: Tips and Best Practices to Protect Yourself Against Ransomware