MongoDB database deleted automatically

by

Hey It is a virus attack read this article https://www.bleepingcomputer.com/news/security/mongodb-apocalypse-professional-ransomware-group-gets-involved-infections-reach-28k-servers/

Actually more than 28k mongodb server have been attacked by the community and they have either deleted the database or have encrypted them. Now they are demanding Bit coin for giving backup.

Now the Question arises that is mongoDb safe as so many database have been deleted or encrypted

Answer is YES Mongodb is completely safe the reason behind this was the lack of security measures used by the programmers.

  1. You should only open the port of the server that are required example in Amazone web server (AWS) some programmers Open all the ports of security groups stop doing that.

Now come to the solution of the problem.

Do check mongod.conf file on the server:

When we install mongodb a file name mongod.conf is automatically generated on the server. you can check it by following command.

cd /etc/
sudo vim mongod.conf

in this image you will find bindIp is 127.0.0.1 which is a localhost means only this server is allowed to use the database in your case this must be 0.0.0.0 which allow the hackers to get access to your data and delete all the files so just update the bindIp to 127.0.0.1 and it wont happen as of now.

Even you can use mongo Authentication use this link for further reference https://docs.mongodb.com/manual/tutorial/enable-authentication/

enter image description here

More Related Contents:

  1. How to install mongoDB on windows?
  2. Mongodb: Failed to connect to 127.0.0.1:27017, reason: errno:10061
  3. Where is “START” searching for executables?
  4. Dependency Walker: missing dlls
  5. WiX (Windows Installer Xml), Create universal variables
  6. How do I deal with quote characters when using cmd.exe
  7. Windows batch script to parse CSV file and output a text file
  8. Using parameters in batch files at Windows command line
  9. How to create an infinite loop in Windows batch file?
  10. How to create SSH tunnel using PuTTY in Windows?
  11. How to force consistent line endings in Git commits with cross-platform compatibility
  12. IIS Manager in Windows 10
  13. Tracking CPU and Memory usage per process
  14. How can I get a list of all open named pipes in Windows?
  15. How do I configure Git to trust certificates from the Windows Certificate Store?
  16. What’s the nohup on Windows?
  17. Git Bash and Pageant are not using keys
  18. How to send double quote in -d parameter for curl.exe?
  19. ‘node’ is not recognized as an internal or external command
  20. How to view DLL functions?
  21. Get Folder Size from Windows Command Line
  22. PostgreSQL database service
  23. How do I add Ruby to the PATH variable on Windows?
  24. WAMPServer wont start because api-ms-win-crt-runtime-l1-1-0.dll is missing
  25. What does “@” mean in Windows batch scripts
  26. How to delete empty folders using windows command prompt?
  27. How do I add a manifest to an executable using mt.exe?
  28. Using forfiles with multiple file types for search mask?
  29. MSysGit and ssh config. missing
  30. Create a list or an array and print each item in Windows Batch

Leave a Comment