MongoDB, the most recent victim of a cybercriminal attack, is a cross platform database company. By wiping out its contents, 22,900 unsecured databases have been infiltrated. In exchange for a back up of the data, the gang behind the attack has asked Bitcoin for payments.
According to WeLiveSecurity, the cybersecurity company ESET threatens to notify authorities in charge of enforcing the EU General Data Protection Regulation or GDPR when the ransom is not paid within a two-day period.
A ZDNet reports that nearly 47 per cent of MongoDB 's entire database accounts for the number of databases compromised in the "Wiping & Ransom" attack.
The hackers have requested over $3.2 million in total.
The hackers were scanning each database using an automated script, and left a ransom note for each of them for 0.015 BTC, or about $140. The hackers also have a guide that explains to victims how to buy the Bitcoin they need.
Victor Gevers, a GDI Foundation security researcher, said:
'There was no data-wiping feature in the early attacks. Once the misconception had perceived the error in its script it changed and began to wipe off the MongoDB database. Attacks on this particular ransom note were recorded all year round.
The hackers are looking for a total of about $3.2 million from MongoDB.
A series of attacks were launched in June by the Ransomware group, REvil, aiming at three companies in the USA and Canada. Then the data of two companies were leaked and sensitive data from the third were threatened to be disclosed.