It might be entertaining to run a honeypot server that responds with some... unusual data. Does anyone know if the client they're using to do this has any vulnerabilities? ;-)
Shouldn't be hard to get the IP etc, as you can just connect to affected servers and review the global log. Just search for mongoDB on shodan and see for yourself.