Web Hosting Company Pays $1 Million to Ransomware Hackers to Get Files Back
South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them.
According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files.
However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted.
The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers.
According to the security firm Trend Micro, the ransomware used in the attack was Erebus that was first spotted in September last year and was seen in February this year with Windows’ User Account Control bypass capabilities.
Source and more: http://thehackernews.com/2017/06/web-hosting-ransomware.html
South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them.
According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files.
However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted.
The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers.
According to the security firm Trend Micro, the ransomware used in the attack was Erebus that was first spotted in September last year and was seen in February this year with Windows’ User Account Control bypass capabilities.
Source and more: http://thehackernews.com/2017/06/web-hosting-ransomware.html