MongoDB Apocalypse Is Here as Ransom Attacks Hit 10,000 Servers

The same story on Ars has had a bit more traction (120+ comments).<p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13345947" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13345947</a>

&quot;hackers have now hit around 10,500 MongoDB servers. That&#x27;s about 25% of all MongoDB databases accessible via the Internet. The attacks don&#x27;t target all MongoDB databases, but only those left accessible via the Internet and without a password on the administrator account.&quot;<p>25% of mongodb installs externally accessible lack a fucking password on the admin account.<p>They deserve it. Maybe it will teach them something.

Maybe I&#x27;m being all &quot;get off my lawn&quot;, but I feel this is an almost inevitable result of attitudes about new stacks, the rise of the bootcamper, and hackathons-turned-product. In theory that young hipster developer that fits the mold would be just a junior on the team, and their enthusiam and foolhardiness towards moving fast and breaking things would be tempered by more mature team members and operators. However, I think we&#x27;re seeing a world where 2013 bootcamp grads are the seniors and the cult of hacking and iterating and breaking things means situations like this will become more common.

Why do so many MongoDB installation lack a password on the Admin account?<p>I tried search for me info, but could find anything. Was this the default? Procedure given in a popular tutorial? It seems pretty insane.

Is there a tool for checking mongo vulnerabilities?