Shodan Scanhub Developers View All... Home Twitter Facebook Subscribe 15 December 2015 on research , MongoBD , NoSQL , Cassandra , Riak , Redis , CouchDB In light of the recent incident of MacKeeper exposing 13 million accounts through a public, unauthenticated MongoDB instances I wanted to quickly revisit my earlier blog post on the subject. At the moment, there are at least 35,000 publicly available, unauthenticated instances of MongoDB running on the Internet. This is an increase of >5,000 instances since the last article. They're hosted mostly on Amazon, Digital Ocean and Aliyun (cloud computing by Alibaba): The most popular versions of MongoDB are: 3.0.7 : 3,010 2.4.9 : 2,624 2.4.14 : 2,535 2.4.10 : 1,879 3.0.6 : 1,256 By default, newer versions of MongoDB only listen on localhost. The fact that MongoDB 3.0 is well-represented means that a lo...