back to article MongoDB hackers now sacking ElasticSearch

It is open season on open services as net scum migrate from sacking MongoDB databases to insecure ElasticSearch instances. Some 35,000 mostly Amazon Web Services ElasticSearch servers are open to the internet and to ransoming criminals, Shodan boss John Matherly says. So far more than 360 instances have had data copied and …

  1. Alistair Silver badge
    Coat

    Mr & Mrs BlackHat

    Have received the December bill for their credit cards and are off to work.

  2. Doctor Syntax Silver badge

    "Send to this email your service IP after sending the bitcoins"

    So they don't have any way of connecting the ransom payment with the service? The obvious first step for an admin would be to send the email and hope to profit from someone else's payment.

    1. Netbofia

      How about proof?

      I'm assuming they ask for the bitcoin transfer proof. But then again send the money is probably as good as sending the hopeful email without proof. The end result should be the same.

      1st one you lose your money and data. But learn a valuable lesson in infosec.

      2nd you only lose your data. And still learn the lesson.

  3. Anonymous Coward
    Anonymous Coward

    AISI, not AISA.

    "AISA" in article is the Australian Information Security Association

  4. Anonymous Coward
    Anonymous Coward

    Just passing through

    I'm only here because I saw a screen shot of NES Duck Hunt and thought I'd drop in for the Duck Hunt Love Fest. Carry on.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019