Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom.
Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to the public that's been erased and held for ransom. UPDATE: The count has reached nearly 2,000 databases as of 4:00 p.m.
The person behind the attacks is demanding 0.2 BTC ($202.89 USD) as payment, and requiring system administrators email proof of ownership before the files are restored. Those without backups are left in a bind.