
Topic: MongoDB compromised

sr. member
Activity: 322
Merit: 300
January 22, 2024, 04:18:10 AM
#6
Quote
The attack on MongoDB that happened last month was against their corporate systems.
The vulnerability that seoincorporation mentioned was against the DB server that you host yourself (and it's been patched).

Yes, there are ways to test against it, but you are going to have to do some digging through the code.

And since it's only on Mac / Windows, and it's because it's not verifying some certificates properly, that means you have your DB server exposed to the public internet without having some security in front of it that would filter for this attack. And why would you be hosting a public DB server on Mac or Windows anyway?

-Dave

You can send me the code, I want to dig into it with you.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
January 21, 2024, 09:05:22 AM
#5
The attack on MongoDB that happened last month was against their corporate systems.
The vulnerability that seoincorporation mentioned was against the DB server that you host yourself (and it's been patched).

Yes, there are ways to test against it, but you are going to have to do some digging through the code.

And since it's only on Mac / Windows, and it's because it's not verifying some certificates properly, that means you have your DB server exposed to the public internet without having some security in front of it that would filter for this attack. And why would you be hosting a public DB server on Mac or Windows anyway?

-Dave
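Dave's point is that a certificate-verification bug in the server only matters if mongod is reachable from the public internet with nothing in front of it. As an added example (not from the thread and not MongoDB's own documentation), here is a mongod.conf fragment that keeps the listener off public interfaces, requires TLS with a CA-verified certificate, and turns on authentication. The interface address and the certificate paths are placeholders you would replace with your own; the commented-out lines show the permissive settings you would want to avoid.

```yaml
# mongod.conf (YAML) - hardened listener and TLS settings.
# Assumption: 10.0.0.5 is a private interface on the DB host; paths are placeholders.
net:
  port: 27017
  # Weak: bindIp: 0.0.0.0   (or bindIpAll: true) exposes mongod on every interface.
  bindIp: 127.0.0.1,10.0.0.5        # loopback plus one private interface only
  tls:
    # Weak: mode: disabled  or  mode: allowTLS  lets plaintext clients in.
    mode: requireTLS                # every connection must negotiate TLS
    certificateKeyFile: /etc/ssl/mongodb/server.pem   # placeholder: server cert + key
    CAFile: /etc/ssl/mongodb/ca.pem                   # placeholder: CA used to verify client certs
    # Weak: allowInvalidCertificates: true  skips certificate validation entirely.
    allowInvalidCertificates: false
    # Weak: allowConnectionsWithoutCertificates: true  lets clients skip presenting a cert.
    allowConnectionsWithoutCertificates: false

security:
  # Weak: authorization: disabled  means anyone who can reach the port can read every database.
  authorization: enabled
```

The bindIp line is the one that removes the exposure Dave describes; the TLS and authorization settings limit what an attacker can do if a network path to the port exists anyway. Pair this with a host firewall or security group that only admits the application servers, since mongod itself has no request filtering to stand in for one.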
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 07, 2024, 04:36:58 AM
#4
Fuck, I guess it's time to finally turn on the MFA for Atlas.
sr. member
Activity: 322
Merit: 300
January 07, 2024, 02:00:21 AM
#3
Is there a way to test the vulnerability or replicate the error?
legendary
Activity: 3346
Merit: 3125
December 24, 2023, 11:56:42 AM
#2
I was looking at the CVE list for MongoDB and a couple of months ago there was a vulnerability that only affects Windows or macOS, but in the risk ranking it was 7.5.

https://www.cvedetails.com/cve/CVE-2023-1409/

In this attack that Vod mentioned, it was the company that got exploited, along with their customers' data, but there is no information on how the attack happened; it could even be an inside job, who knows. But that doesn't mean we can't trust the software anymore; with the right configuration it should be secure enough.

By the way, this is important for the crypto community because tons of crypto projects use this DB to store the blockchain, these are some examples:

https://github.com/Iamparsa/DogeCoinDBSync
https://github.com/thelinuxkid/bitcoinquery
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
December 19, 2023, 01:28:57 PM
#1
For those of you that use databases in your projects:

Quote
MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate systems. This includes exposure of customer account metadata and contact information. At this time, we are NOT aware of any exposure to the data that customers store in MongoDB Atlas.

We detected suspicious activity on Wednesday (Dec. 13th, 2023) evening US Eastern Standard Time and immediately activated our incident response process. We are still conducting an active investigation and believe that this unauthorized access has been going on for some period of time before discovery. We have also started notifying relevant authorities.

What should you do next?

Since we are aware that some customer account metadata and contact information was accessed, please be vigilant for social engineering and phishing attacks.
If not already implemented, we encourage all customers to activate phishing-resistant multi-factor authentication (MFA) and regularly rotate passwords.
MongoDB will continue to update mongodb.com/alerts with additional information as we continue to investigate the matter.