Web hosting provider to pay 1 million to ransomware hackers


South Korea’s web hosting company named Nayana has finally agreed to pay $1 million in bitcoins to hackers who launched a ransomware driven cyber-attack on the company’s business servers.

As per the sources reporting to our Cybersecurity Insiders, negotiations with the hackers have completed and the web hosting company has decided to bow to the demands of hackers as it has no other choice to consider.

Early last week, a group of hackers launched a ransomware attack on ‘Nayana’ encrypted data stored on 153 Linux servers and 3,400 websites of the company’s customers. Erebus was the ransomware which hit the servers and the hackers/developers of the said malware demanded a fee of 1 billion in exchange for the decryption key.
After almost 72 hours of negotiations, the hackers agreed for a price of $1 million which has to be paid in cryptocurrency by this weekend.

In the meantime, Nayana engineers tried their best to recover the data from their existing data continuity plan. But they came to a conclusion on last weekend that the recovery was impossible and bowing to the demands of the hackers was the only choice.

Technically speaking, Erebus was used by hackers to take hostage of web servers working on Microsoft Windows until January this year. But now, the malware has been modified so that a variant will work against Linux Systems.

How the said malware reached the computer network of Nayana is still unclear. But media reports suggest that the web hosting company could have been a victim of Phishing attack.

But experts from TrendMicro think that the decision of Nayana to pay 1 million as ransom to hackers could backfire.

What if they do not turn up with the decryption key after receiving the ransom in digital currency OR What if they demand more to hand over the decryption key?

That’s true and makes complete sense…..isn’t it?

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display