The administrators of an SMS spam operation left an unsecured MongoDB instance wide open online, exposing over 80 million records linked to their ‘leads,’ according to researchers.
Bob Diachenko revealed the discovery in a blog post late last week, claiming the MongoDB instance was named “ApexSMS” and left without password protection.
“Upon further research it was identified that the MongoDB instance name ApexSMS is also the name of an SMS Bombing program with the same name that is highly advertised on hacker or black hat forums,” he continued.
“What is SMS Bombing? Typically, cell phone users send one message at a time. However, an SMS bomber is a software program that duplicates the same message multiple times or rotates different messages and sends all the messages to a number of your choice. This can be used for pranks, harassment, or in this case marketing products or services.”
The database of 80 million records uncovered by
Article source: https://www.infosecurity-magazine.com/news/sms-spammers-expose-80m-records/
Recent Comments