news.softpedia.com Open in urlscan Pro
2606:4700:10::6816:ce4  Public Scan

Form analysis
2 forms found in the DOM

GET /dyn-search.php

<form role="search" action="/dyn-search.php" method="GET" class="mgtop_15">
  <input id="hp_search" type="text" value="Search..." onkeydown="if(this.value=='Search...') this.value='';" onclick="if(this.value=='Search...') this.value='';" onblur="if(this.value=='') this.value='Search...';"
    onfocus="if(this.value=='Search...') this.value='';" name="search_term">
  <button type="submit"><i class="fa fa-search"></i></button>
</form>

GET /dyn-search.php

<form role="search" action="/dyn-search.php" method="GET">
  <div class="fa fa-search"></div><input type="text" value="Search here..." onkeydown="if(this.value=='Search here...') this.value='';" onclick="if(this.value=='Search here...') this.value='';" onblur="if(this.value=='') this.value='Search here...';"
    name="search_term">
</form>

Text Content

WE VALUE YOUR PRIVACY

We and our partners store and/or access information on a device, such as cookies
and process personal data, such as unique identifiers and standard information
sent by a device for personalised ads and content, ad and content measurement,
and audience insights, as well as to develop and improve products. With your
permission we and our partners may use precise geolocation data and
identification through device scanning. You may click to consent to our and our
partners’ processing as described above. Alternatively you may access more
detailed information and change your preferences before consenting or to refuse
consenting. Please note that some processing of your personal data may not
require your consent, but you have a right to object to such processing. Your
preferences will apply to this website only. You can change your preferences at
any time by returning to this site or visit our privacy policy.
MORE OPTIONSAGREE
 

SOFTPEDIA® NEWS
 * Reviews
 * Apple
 * Microsoft
 * Mobile
 * Linux & OSS
 * Security
 * Wearables

 * 
 * 
 * 

Softpedia >News >Security >Data Breaches
Softpedia Homepage   



GHOSTSHELL LEAKS AROUND 36 MILLION RECORDS FROM 110 MONGODB SERVERS




HACKER ONLY USED SHODAN TO IDENTIFY HIS TARGETS

Jun 4, 2016 00:30 GMT  ·  By Catalin Cimpanu  ·  Comment  · 
Share:             
17 photos
   GhostShell releases data from 110 exposed MongoDB servers


Twenty-four-year-old Romanian hacker GhostShell has leaked today a collection of
database dumps, which he claims he obtained from 110 misconfigured MongoDB
servers.

The hacker has told Softpedia that, following his rough estimates, there are
around 36 million user records included in the leaks, among which 3.6 million
also contain passwords.

The hacker has announced the data leak on Twitter and posted a link to a
PasteBin URL where users can find a statement regarding the reasons behind the
hack, screenshots from all the hacked servers, and various links from where
users can download the data.


GHOSTSHELL DUMPED OVER 5.6 GB OF DATA

The download package is a 598 MB ZIP file, which decompresses to 5.6 GB of data,
containing 110 folders named based on the hacked server's IP.

Each of these folders contains a screenshot as proof of the hacker's access to
the server, a text file with details about the hacked server, and the entire
database dump.

Based on the nature of each company, these databases hold information such as
real names, usernames, email addresses, passwords, gender, geolocation info,
social media information, details about the user's smartphone model, browser
information, API credentials, and even avatar images.

In his statements, GhostShell says that he only used simple scanners like Shodan
to discover these databases. The hacker describes Project Vori Dazel, as he
names his recent MongoDB hacking spree, as a public protest against poor
security practices.

GhostShell says that all the databases he accessed had no username or password
for the root account and had a large number of open ports.

The content of GhostShell's data dump


The hacker also told Softpedia that he wanted the campaign's message to get
through, and hopes companies take a smarter approach to server security.

He also said that, if he had wanted, he could have gather a lot more data,
because there were several other servers still open to external connections
online.

GhostShell's message is consistent with his previous campaign, called Light
Hacktivism, during which the hacker set out to find and expose vulnerabilities
and poor security practices in order to have them corrected. Previously, the
hacker also embarked on a more aggressive campaign called Dark Hacktivism.

This time around, the hacker has a problem with companies that deploy MongoDB
without properly securing them. You can read GhostShell's full mission statement
below.

GhostShell's Statements



#GhostShell#Project Vori Dazel#data leak#MongoDB#data breach



GHOSTSHELL'S HACKED SERVERS (17 IMAGES)

+14more
hot right now
Apple Watch Ultra 2 Could Be a Lot More Expensive: Device could cost over $1,200
when it launches next year
Hogwarts Legacy Review (PS5): A charming stroll through a world of magic and
wonder
Samsung Galaxy S23 Is So Bloated Android 13 Uses as Much Storage as Windows 11:
The operating system eats up 60GB of storage space
Apple Has a New Supplier for the iPad: As the company is trying to step away
from China
Apple Isn’t Planning to Kill Off the iPhone Plus… Yet: It looks like an iPhone
15 Plus is still on the table
Dark Envoy Preview (PC): A quick look at one of the most anticipated cRPGs of
2023
SpellForce: Conquest of Eo Review (PC): Magic-powered strategy mixed with
tactical battles
  Click to load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy


Rettinger's Rants: Rumors and Leaks
 



i softpedia®
© 2001-2023 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo
are registered trademarks of SoftNews NET SRL
Contact  • Privacy Policy  • Cookie Policy  • EU residents: Cookie Settings
news tip
feedback
 
 
 
We use cookies to improve your experience.
By using the site you agree to the use of cookies. For more information and
options regarding cookies and personal data see our Cookies Policy and Privacy
Policy

Accept cookies & close