None here. (If I understand correctly, using the exploit would generate many connections and nothing else.) Not even authentication attempts. Just a few IPs running commands (buildinfo, listDatabases, ismaster, etc.) without prior authentication.
They seem to be looking for databases exposed to the Internet and not protected in any way? Unless something's wrong with the honeypot...
VessOnSecurity
npub1gx…7tun6
2025-12-27 21:50:42 UTC
in reply to nevent1q…8e5v
Author Public Key
npub1gxa39sc7wtpmatdx9rkplkplaquyug2vfhk23dl54slsnmuzf45sh7tun6Seen on
wss://relay.momostr.pinkPublished at
2025-12-27 21:50:42 UTCEvent JSON
{
"id": "0205009d5a541e07183bada57dcb780a2996851d1c5c46311696eda5b525bb64",
"pubkey": "41bb12c31e72c3beada628ec1fd83fe8384e214c4deca8b7f4ac3f09ef824d69",
"created_at": 1766872242,
"kind": 1,
"tags": [
[
"p",
"fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd"
],
[
"e",
"3c40a100de73c4b6af87c9a804cc4f6341d10bc154b55ee2cf7bf8bd3a1a49f6",
"",
"root",
"fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd"
],
[
"e",
"60651bdecb5fc998ad941ee6c7e8354587be342b408d02c56fb4ea98a827ad9a",
"",
"reply",
"fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd"
],
[
"proxy",
"https://infosec.exchange/@bontchev/115793739304281717",
"web"
],
[
"proxy",
"https://infosec.exchange/users/bontchev/statuses/115793739304281717",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/bontchev/statuses/115793739304281717",
"pink.momostr"
],
[
"-"
]
],
"content": "None here. (If I understand correctly, using the exploit would generate many connections and nothing else.) Not even authentication attempts. Just a few IPs running commands (buildinfo, listDatabases, ismaster, etc.) without prior authentication.\n\nThey seem to be looking for databases exposed to the Internet and not protected in any way? Unless something's wrong with the honeypot...",
"sig": "fbdffce68cb381a741194cf260f2feaf0889cb6f0d0828546ceade5740f88158a00f8e155af3dbfb21ccb08ab7d5f354ebd228ec85b244e5d30a8c8c85ed45ae"
}