Unsecured MongoDB databases expose Kremlin’s backdoor into Russian businesses
Thanks to a leaky MongoDB database, a prominent Dutch white-hat hacker has discovered the backdoor account used by the Russian government to access servers belonging to businesses and organizations operating in Russia. The leaky server in which the backdoor account firstname.lastname@example.org was first discovered, belonged to a Russian Lotto Website.
The researcher then discovered the same account in more than 2,000 other unsecured MongoDB databases. Virtually all of the exposed severs belonged to businesses located in Russia, including financial institutions and telcos, although one of them belonged to the Ukrainian Ministry of Internal Affairs.