Abuse to Bitcoin address
1MXvdC3xU96FJMqHe6MX7oMhVYMeZ3KbYL

We have a mongoDB that we leave open as a honey pot. It gets hit often. Here is what was left: { "_id" : ObjectId("5ee09f8eea4a2d1c206c90fb"), "content" : "All your data is a backed up. You must pay 0.015 BTC to 1MXvdC3xU96FJMqHe6MX7oMhVYMeZ3KbYL 48 hours for recover it. After 48 hours expiration we will leaked and exposed all your data. In case of refusal to pay, we will contact the General Data Protection Regulation, GDPR and notify them that you store user data in an open form and is not safe. Under the rules of the law, you face a heavy fine or arrest and your base dump will be dropped from our server! You can buy bitcoin here, does not take much time to buy https://localbitcoins.com with this guide https://localbitcoins.com/guides/how-to-buy-bitcoins After paying write to me in the mail with your DB IP: [email protected]\n" }

United Kingdom, 2020-06-25 13:30:45

Ransomware

Abuser: [email protected]

MongoDB - was only used for tests with dummy info. Same message as above

Israel, 2020-06-30 15:09:52

Ransomware

Abuser: [email protected]

Same email but different wallet. MongoDB wiped. Only the ransom readme was left. Impacted environment was legacy develop. so nice try kiddo.

Slovakia, 2020-07-01 09:23:20

Darknet market

Abuser: [email protected]

mongodb is attacked and this address is need pay 0.1BTC to recover our data

China, 2020-07-01 10:47:01

Ransomware

Abuser: [email protected]

Mongodb ransomware asking for 0.015 btc

United Kingdom, 2020-08-09 18:15:18

Ransomware

Abuser: [email protected]

The database contained a handful of documents, nothing that special or sensitive whatsoever. Dear hacker-dude: we had a dump, not a single document lost, nice try :)

Italy, 2020-08-11 16:07:55

Abuse to Bitcoin address 1MXvdC3xU96FJMqHe6MX7oMhVYMeZ3KbYL

Abuse to Bitcoin address
1MXvdC3xU96FJMqHe6MX7oMhVYMeZ3KbYL