Three hacking groups are once again targeting MongoDB databases, hijacking 26,000 open servers and asking for a ransom to release the data, according to security researcher Victor Gevers, chairman of the GDI Foundation.
"One of the hacking groups hijacked 22,000. And all groups are demanding about $650 to restore the data.
The initial attacks were first discovered by hackers in late 2016 and continued into early 2017. These attacks were simple for hackers to launch: They simply scanned the internet for MongoDB databases left open to external content, wiped the content and replaced data with a ransom demand."