South Korean firm pays $1m to unlock files

in #hacking, 7 years ago

It is believed to be a record amount, although it is worth noting that many ransom payments are never made public.
Nayana's chief executive revealed that the hackers initially asked for $4.4m, payable in bitcoin.

Security experts warned that firms should not pay such ransoms or enter into negotiations with hackers.
Angela Sasse, director of the Institute in the Science of Cyber-Security, said that she was surprised both by the size of the ransom and that the firm went public about paying.

"This is a record ransom from what I know, although some will have paid and not gone public.
"It could be that it had to disclose the amount under the South Korean regulatory structure or it could have been done out of a sense of public duty," she said.

"From the attackers' point of view, they might have preferred that the firm kept quiet. It is such a large ransom that it might spur a lot of companies to look more carefully at their security."

Bankrupt


The ransomware - known as Erebus - targeted computers running Microsoft Windows and was also modified so a variant would work against Linux-based systems.

It appears that Nayana entered into negotiations with the hackers, lowering the fee from $4.4m to less than $500,000, although at the last minute the hackers doubled the negotiated amount to $1m.

They are believed to have encrypted data on 153 Linux servers and 3,400 customer websites.
An update posted on Saturday said that engineers were in the process of recovering data but added that it would take time.
Nayana's chief executive apologised for the "shock and damage" of the incident.
In an earlier statement, he said that the attack had hit his bank balance.

"Now I am bankrupt. Everything I've been working on for 20 years is expected to disappear at 12:00 tomorrow."
Ms Sasse said that ransomware attackers had grown much bolder in recent years.

"Two years ago, they tended to target individuals or smaller businesses believing that they would have less good security measures but they have found that they can get bigger targets and the pay-off is much larger. It is a lucrative business."


That's crazy man, $1m 👀

Yup That's Crazy And Real :)
