LeakIX - Host 8.138.57.0

Host 8.138.57.0

China

Hangzhou Alibaba Advertising Co.,Ltd.

Linux x86_64

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 8.138.57.0
Port: 3306

First seen 2024-04-24 07:49
Last seen 2024-06-19 21:37
Open for 56 days

Severity: critical
Fingerprint: cf350410ecceb5fdfbefbf86252655ba49ee96b94dddfaada9a90bfb997a7843

Databases: 29, row count: 3164, size: 909.9 kB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 6 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 45 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 13 records

Found on 2024-06-19 21:37

909.9 kBytes 3164 rows

Severity: high
Fingerprint: cf350410ecceb5fdebd6b7609132601091326010913260109132601091326010
```
Databases: 1, row count: 2, size: 16.4 kB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
```
Found on 2024-06-09 21:24

16.4 kBytes 2 rows

Create report

MongoDB is publicly available

MongoDB is currently open without authentication.

This results in all the database data made available publicly.

IP: 8.138.57.0
Port: 27017
URL: http://8.138.57.0:27017

First seen 2023-11-24 22:15
Last seen 2024-01-26 10:35
Open for 62 days

Severity: medium
Fingerprint: 436d217a47ab42582a2b7995c390fd4d39c0bda9dcef55634b000f14b894c2e6

Collections: 4, document count: 7, size: 2.7 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 2 documents (104 B)
Found collection admin.system.users  with 4 documents (2.2 kB)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-01-26 10:35

2.7 kBytes 7 rows

Severity: medium
Fingerprint: 436d217a47ab42582a2b7995c390fd4d39c0bda9dcef55634b000f14b0ffed11

Collections: 4, document count: 7, size: 2.7 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (371 B)
Found collection admin.system.version  with 2 documents (104 B)
Found collection admin.system.users  with 4 documents (2.2 kB)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-12-11 11:59

2.7 kBytes 7 rows

Severity: medium
Fingerprint: 436d217a47ab4258f9c80263dd620c7b857bce47eb60b5256dfcc2ea57b0739d

Collections: 7, document count: 48, size: 49.2 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (371 B)
Found collection admin.system.version  with 2 documents (104 B)
Found collection admin.system.users  with 4 documents (2.2 kB)
Found collection blog-admin.users  with 1 documents (67 B)
Found collection blog-admin.messages  with 1 documents (120 B)
Found collection blog-admin.articles  with 39 documents (46.3 kB)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-11-24 22:15

49.2 kBytes 48 rows

Create report

Open service 8.138.57.0:3306

2024-06-19 21:37
```
MySQL detected
```
Found 2 days ago by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-17 21:17
```
MySQL detected
```
Found 2024-06-17 by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-15 20:54
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report
Open service 8.138.57.0:22

2024-06-13 13:39
Found 2024-06-13 by SSHOpenPlugin
Create report
Open service 8.138.57.0:3306

2024-06-13 02:42
```
MySQL detected
```
Found 2024-06-13 by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-11 22:06
```
MySQL detected
```
Found 2024-06-11 by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-09 21:24
```
MySQL detected
```
Found 2024-06-09 by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-07 20:10
```
MySQL detected
```
Found 2024-06-07 by tcpid
Create report
Open service 8.138.57.0:3306

2024-06-03 20:05
```
MySQL detected
```
Found 2024-06-03 by tcpid
Create report

Data leak

Size

909.9 kB

Collections

Rows

3164

Domain summary

No record