Last week, researchers found that nearly 600TB of data in 30,000 MongoDB instances was accessible over the Internet without any authorization enabled. Bkav took a deep look into the situation in Viet Nam and learned that 1,507GB stored in 1,300 databases is exposed.
MongoDB Checker built by Bkav
Specifically, affected older versions of MongoDB ship without the 'bind_ip 127.0.0.1' option set in mongodb.conf, leaving the server vulnerable if the user is unaware of the setting.
According to Bkav, an ordinary user who knows only the MongoDB server's IP address could access and read the information stored in the database.
Verification of the IP addresses and domains shows that the data relates to many large economic and commercial sites, some news sites, game databases and a government site in Vietnam.
Bkav has urgently contacted the affected organizations and supported them in addressing the issue.
MongoDB users are advised to check their current version. If MongoDB is version 2.6.7 or older than version 2.6, the user needs to set up a firewall to prevent unauthorized access and upgrade to the newest version.
System administrators can also use Bkav's tool, dubbed MongoDB Checker, to check whether their systems are remotely accessible. The tool is available at http://tools.whitehat.vn. Click on the link and enter your server's IP address to perform the check.
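A local complement to the remote check, as an added example that is not Bkav's tool or code from the original article: a Python script that audits a legacy "key = value" mongodb.conf for the bind_ip setting discussed above. The check of the `auth` option, the sample configs and the function names are assumptions added for illustration.

```python
import ipaddress

# Constructed sample configs in the legacy "key = value" mongodb.conf format.
EXPOSED_CONF = "dbpath = /var/lib/mongodb\nport = 27017\n#bind_ip = 127.0.0.1\n"
HARDENED_CONF = "dbpath = /var/lib/mongodb\nbind_ip = 127.0.0.1\nauth = true\n"
MIXED_CONF = "bind_ip = 127.0.0.1,192.0.2.10\nauth = true\n"

def parse_legacy_conf(text):
    """Parse 'key = value' lines, ignoring blanks and '#' comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def is_loopback(addr):
    """True for localhost or a loopback IP; unparseable values count as exposed."""
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def audit(text):
    """Return a list of findings; an empty list means loopback-only with auth on."""
    opts = parse_legacy_conf(text)
    findings = []
    bind = opts.get("bind_ip")
    if bind is None:
        # Older mongod versions listen on all interfaces when bind_ip is absent.
        findings.append("bind_ip not set")
        exposed = True
    else:
        addrs = [a.strip() for a in bind.split(",") if a.strip()]
        remote = [a for a in addrs if not is_loopback(a)]
        exposed = bool(remote)
        if exposed:
            findings.append("bind_ip includes non-loopback: " + ", ".join(remote))
    auth_on = opts.get("auth", "false").lower() == "true"
    if not auth_on:
        findings.append("auth not enabled")
    if exposed and not auth_on:
        findings.append("CRITICAL: reachable from the network without authentication")
    return findings

if __name__ == "__main__":
    for name, conf in [("exposed", EXPOSED_CONF), ("hardened", HARDENED_CONF)]:
        print(name, audit(conf))
```

A commented-out `bind_ip` line, as in the first sample, is treated the same as a missing one.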