This article was published on June 20, 2017

South Korean hosting firm shells out $1M in yet another ransomware hack


South Korean hosting firm shells out $1M in yet another ransomware hack

In a nightmare scenario, South Korean web hosting firm Nayana announced that last week it had suffered a massive breach affecting more than 150 of its servers. But perhaps more troubling was the fact the attackers had managed to take control of an immense amount of user data.

In exchange, the hackers demanded nearly $4.4 million in Bitcoin to return the data back to the company. Following eight days of back and forth bargaining, the two sides have now settled on a ransom fee of around $1 million in Bitcoin, which Nayana will pay out in three instalments.

The first two transactions have already been completed, The Register reports. The third round of negotiations is still being worked out, according to Nayana.

The web hosting provider is currently in the process of transferring the stolen data back to its servers. The next step would be to create back-ups of the data and perform analysis to confirm the integrity of the recovered files.

The company estimates the entire process will likely take between four to seven days to complete. Stolen data is expected to be properly restored back to the almost 3,500 affected clients shortly after. Though Nayana warns server-related issues could continue to persist over the next month.

Dutch cybersecurity firm Trend Micro conducted research that seems to suggest the attackers relied on a variation of the Erebus ransomware specifically designed for Linux.

The incident marks yet another unfortunate case in a recent string of ransomware attacks. A few weeks back thousands of systems were infected with a persistent malicious software now infamously known as WannaCry.

Last year a US-based hospital resorted to paying a group of attackers $17,000 to reclaim control of its patients’ medical files – that is after the hackers initially demanded a staggering $3.6 million in ransom.

More recently, in another similar case an Austrian hotel was coerced to cough $1,600 after hackers remotely tampered with the door locks to hold guests hostages inside their own rooms.

Still, the ransom fees demanded in these instances come nowhere close the massive amount Nayana had to agree to.

Get the TNW newsletter

Get the most important tech news in your inbox each week.