Victim Pays $1M in Ransom After 153 Linux Servers Became Infected

Linux is not immune — 153 infections leading to 3,400 websites down

The largest ransomware payout in history is taking place at this very moment.  Nayana, a web hosting company located in South Korea, was hit with ransomware on June 10th.  The ransomware variant, Erebus, successfully infiltrated 153 Linux servers, allowing the cyber criminals access to encrypt over 3,400 business websites hosted by Nayana.

According to Security Week, the initial ransomware request was for 550 bitcoins, or roughly $1.6M USD.  However, after negotiations, it was agreed Nayana would pay 397.6 bitcoins.  This converts to approximately $1.01M USD.  The company is making the three payments to the cyber criminals to meet the ransom demands.  Upon receiving the payment, the cyber criminals are to release the decryption keys to the servers affiliated with the payment.  So far, two payments have been made, and Nayana is working to decrypt the impacted websites.

Reports are suggesting this particular ransomware variant has been targeting South Korea.  Although, a handful of other countries have seen it infect systems as well.

Overall, Erebus is able to infect and encrypt hundreds of types of files and databases.  However, it seems as though its primary target is web servers and the content held within them.  After this massive payday — anyone can see why.

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles