My MongoDB Database Was Wiped by an Attacker, Who Then Demanded a Bitcoin Ransom

The ransom demand

Here is the attacker's approach:

All your data is a backed up. You must pay 0.015 BTC to 1TvCTpihDcmEjs9weTeKyruYYEY6n5xCB 48 hours for recover it. After 48 hours expiration we will leaked and exposed all your data. In case of refusal to pay, we will contact the General Data Protection Regulation, GDPR and notify them that you store user data in an open form and is not safe. Under the rules of the law, you face a heavy fine or arrest and your base dump will be dropped from our server! You can buy bitcoin here, does not take much time to buy https://localbitcoins.com with this guide https://localbitcoins.com/guides/how-to-buy-bitcoins After paying write to me in the mail with your DB IP: allmydataback@cock.li and you will receive a link to download your database dump.

Pay bitcoin to the specified address to get the data back; that is basically it. Looking back, what I had been doing amounted to running naked on the internet. Fortunately this was only test data (a single database, one table, a handful of records), so it does not matter much; but if a company's production database were hit like this, the loss would be severe. Frightening to think about.

As of this writing (2021-3-6 16:43:04), the live Bitcoin price:

[Figure: 2021-03-06-Bitcoin.png, Bitcoin price chart]

Analysis

In fact, this data loss/leak was not caused by any flaw in MongoDB itself, but by weak security awareness (Redis and Elasticsearch exposed to the internet with their default configuration face exactly the same problem). There were no defensive measures at all, so the attacker did not need anything sophisticated: it was enough to scan for IPs with port 27017 open, connect, query, and drop the databases.

Below is part of the access record obtained afterwards from the MongoDB log:

{"t":{"$date":"2021-03-02T08:24:19.868+08:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"51.75.144.43:46064","connectionId":2480072,"connectionCount":9}}

{"t":{"$date":"2021-03-02T08:24:20.044+08:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn2480072","msg":"client metadata","attr":{"remote":"51.75.144.43:46064","client":"conn2480072","doc":{"driver":{"name":"PyMongo","version":"3.11.2"},"os":{"type":"Linux","name":"Linux","architecture":"x86_64","version":"5.4.0-66-generic"},"platform":"CPython 3.8.5.final.0"}}}

{"t":{"$date":"2021-03-02T08:24:20.557+08:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"51.75.144.43:46778","connectionId":2480073,"connectionCount":10}}

{"t":{"$date":"2021-03-02T08:24:20.699+08:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"51.75.144.43:46938","connectionId":2480074,"connectionCount":11}}

{"t":{"$date":"2021-03-02T08:24:20.732+08:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn2480073","msg":"client metadata","attr":{"remote":"51.75.144.43:46778","client":"conn2480073","doc":{"driver":{"name":"PyMongo","version":"3.11.2"},"os":{"type":"Linux","name":"Linux","architecture":"x86_64","version":"5.4.0-66-generic"},"platform":"CPython 3.8.5.final.0"}}}

{"t":{"$date":"2021-03-02T08:24:20.877+08:00"},"s":"I", "c":"NETWORK", "id":51800, "ctx":"conn2480074","msg":"client metadata","attr":{"remote":"51.75.144.43:46938","client":"conn2480074","doc":{"driver":{"name":"PyMongo","version":"3.11.2"},"os":{"type":"Linux","name":"Linux","architecture":"x86_64","version":"5.4.0-66-generic"},"platform":"CPython 3.8.5.final.0"}}}

{"t":{"$date":"2021-03-02T08:24:21.420+08:00"},"s":"I", "c":"COMMAND", "id":20337, "ctx":"conn2480073","msg":"dropDatabase - starting","attr":{"db":"RREAD_ME_TO_RECOVER_YOUR_DATA"}}

{"t":{"$date":"2021-03-02T08:24:21.420+08:00"},"s":"I", "c":"COMMAND", "id":20338, "ctx":"conn2480073","msg":"dropDatabase - dropping collection","attr":{"db":"RREAD_ME_TO_RECOVER_YOUR_DATA","namespace":"RREAD_ME_TO_RECOVER_YOUR_DATA.RREADME"}}

{"t":{"$date":"2021-03-02T08:24:21.423+08:00"},"s":"I", "c":"COMMAND", "id":20336, "ctx":"conn2480073","msg":"dropDatabase","attr":{"db":"RREAD_ME_TO_RECOVER_YOUR_DATA","numCollectionsDropped":1}}

{"t":{"$date":"2021-03-02T08:24:21.768+08:00"},"s":"I", "c":"COMMAND", "id":20337, "ctx":"conn2480073","msg":"dropDatabase - starting","attr":{"db":"config"}}

{"t":{"$date":"2021-03-02T08:24:21.768+08:00"},"s":"I", "c":"COMMAND", "id":20338, "ctx":"conn2480073","msg":"dropDatabase - dropping collection","attr":{"db":"config","namespace":"config.system.sessions"}}

{"t":{"$date":"2021-03-02T08:24:21.789+08:00"},"s":"I", "c":"COMMAND", "id":20336, "ctx":"conn2480073","msg":"dropDatabase","attr":{"db":"config","numCollectionsDropped":1}}

{"t":{"$date":"2021-03-02T08:24:22.132+08:00"},"s":"I", "c":…"uuid":"1f0b87f8-ba8f-476b-94cc-8d80796b64bc"}},"options":{}}}

{"t":{"$date":"2021-03-02T08:24:22.147+08:00"},"s":"I", "c":…"timestamp":{"t":0,"i":0}}}}

{"t":{"$date":"2021-03-02T08:24:22.487+08:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn2480073","msg":"Connection ended","attr":{"remote":"51.75.144.43:46778","connectionId":2480073,"connectionCount":10}}

{"t":{"$date":"2021-03-02T08:24:22.886+08:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn2480074","msg":"Connection ended","attr":{"remote":"51.75.144.43:46938","connectionId":2480074,"connectionCount":9}}

{"t":{"$date":"2021-03-02T08:24:22.886+08:00"},"s":"I", "c":"-", "id":20883, "ctx":"conn2480072","msg":"Interrupted operation as its client disconnected","attr":{"opId":42096260}}

{"t":{"$date":"2021-03-02T08:24:22.886+08:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn2480072","msg":"Connection ended","attr":{"remote":"51.75.144.43:46064","connectionId":2480072,"connectionCount":8}}

As can be seen, this was automated scanning with a Python script; from connection set-up to disconnect it took 3 seconds; the source IP was 51.75.144.43, located in Roubaix, Hauts-de-France, France.

[Figure: 2021-03-06-IP.png, IP geolocation lookup]

Countermeasures
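The timeline the analysis above reconstructed by hand (connection accepted, client metadata, dropDatabase, connection ended, all tied together by the conn id) can be turned into a detection check over the same kind of MongoDB 4.4 JSON log lines. This is an added example, not code from the original post; the sample log lines are constructed in the same shape as the excerpt above, and the "public address" rule is an assumption a real deployment would replace with its own allowlist.

```python
# Added example (not from the original post): rebuild the attacker's session from
# MongoDB 4.4 JSON logs and flag dropDatabase commands issued from public addresses.
import ipaddress
import json
from datetime import datetime

# Constructed sample lines, modelled on the post's excerpt (same log ids and shape).
SAMPLE_LOG = """
{"t":{"$date":"2021-03-02T08:24:20.557+08:00"},"s":"I","c":"NETWORK","id":22943,"ctx":"listener","msg":"Connection accepted","attr":{"remote":"51.75.144.43:46778","connectionId":2480073,"connectionCount":10}}
{"t":{"$date":"2021-03-02T08:24:20.732+08:00"},"s":"I","c":"NETWORK","id":51800,"ctx":"conn2480073","msg":"client metadata","attr":{"remote":"51.75.144.43:46778","client":"conn2480073","doc":{"driver":{"name":"PyMongo","version":"3.11.2"}}}}
{"t":{"$date":"2021-03-02T08:24:21.423+08:00"},"s":"I","c":"COMMAND","id":20336,"ctx":"conn2480073","msg":"dropDatabase","attr":{"db":"RREAD_ME_TO_RECOVER_YOUR_DATA","numCollectionsDropped":1}}
{"t":{"$date":"2021-03-02T08:24:21.789+08:00"},"s":"I","c":"COMMAND","id":20336,"ctx":"conn2480073","msg":"dropDatabase","attr":{"db":"config","numCollectionsDropped":1}}
{"t":{"$date":"2021-03-02T08:24:22.487+08:00"},"s":"I","c":"NETWORK","id":22944,"ctx":"conn2480073","msg":"Connection ended","attr":{"remote":"51.75.144.43:46778","connectionId":2480073,"connectionCount":10}}
{"t":{"$date":"2021-03-02T09:00:00.000+08:00"},"s":"I","c":"NETWORK","id":22943,"ctx":"listener","msg":"Connection accepted","attr":{"remote":"127.0.0.1:50000","connectionId":2480100,"connectionCount":2}}
{"t":{"$date":"2021-03-02T09:00:01.000+08:00"},"s":"I","c":"COMMAND","id":20336,"ctx":"conn2480100","msg":"dropDatabase","attr":{"db":"scratch","numCollectionsDropped":3}}
"""

def sessions_from_log(text):
    """Group events by connection id: remote, driver, dropped dbs, start/end times."""
    sessions = {}
    for line in text.strip().splitlines():
        e = json.loads(line)
        attr = e.get("attr", {})
        when = datetime.fromisoformat(e["t"]["$date"])
        if e["id"] == 22943:  # "Connection accepted" is logged by the listener
            sessions[attr["connectionId"]] = {"remote": attr["remote"].rsplit(":", 1)[0],
                                              "start": when, "end": None, "driver": None, "dropped": []}
            continue
        s = sessions.get(int(e["ctx"][4:])) if e["ctx"].startswith("conn") else None
        if s is None:  # listener events, or a connection accepted before the log window
            continue
        if e["id"] == 51800:  # client metadata: which driver the client used
            d = attr["doc"]["driver"]
            s["driver"] = f'{d["name"]} {d["version"]}'
        elif e["id"] == 20336:  # dropDatabase completed
            s["dropped"].append(attr["db"])
        elif e["id"] == 22944:  # Connection ended
            s["end"] = when
    return sessions

def suspicious_drops(text):
    """Sessions that dropped databases from a non-private, non-loopback address (assumed rule)."""
    alerts = []
    for cid, s in sessions_from_log(text).items():
        ip = ipaddress.ip_address(s["remote"])
        if s["dropped"] and not (ip.is_private or ip.is_loopback):
            secs = (s["end"] - s["start"]).total_seconds() if s["end"] else None
            alerts.append({"conn": cid, "remote": s["remote"], "driver": s["driver"], "dropped": s["dropped"], "seconds": secs})
    return alerts
```

Running `suspicious_drops(SAMPLE_LOG)` reports the single public-address session (remote, driver, the two dropped databases and the session length), while the loopback session that also dropped a database is left alone.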
