So the Kremlin have required that any financial institution operating in Russia provide them with an administrator account. Said account credentials were all stored on a default credential MongoDB account. And here I thought Russia implemented good OpSec

@aussierockman Unless I misunderstood, the accounts weren't all stored in one database - it's just the same login email address kept showing up in lots of different orgs' unsecured mongo.

@aussierockman its very funny as US news sites write that all these credentials were used by russian government, and russian media write that it is MongoDB who created and used backdoor :)

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.