Exposed MongoDB instances still targeted in data extortion attacks

A single threat actor is actively targeting exposed MongoDB instances in automated data extortion attacks, demanding around $500 in Bitcoin for data restoration. Researchers found that nearly half of publicly accessible MongoDB servers were compromised, with ransom notes indicating a single attacker responsible for the majority of attacks.