CyberNews Briefs

Unsecured MongoDB databases expose Kremlin’s backdoor into Russian businesses

Thanks to a leaky MongoDB database, a prominent Dutch white-hat hacker has discovered the backdoor account used by the Russian government to access servers belonging to businesses and organizations operating in Russia. The leaky server in which the backdoor account admin@kremlin.ru was first discovered, belonged to a Russian Lotto Website.

The researcher then discovered the same account in more than 2,000 other unsecured MongoDB databases. Virtually all of the exposed severs belonged to businesses located in Russia, including financial institutions and telcos, although one of them belonged to the Ukrainian Ministry of Internal Affairs.

Read more: Unsecured MongoDB databases expose Kremlin’s backdoor into Russian businesses

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.