Slashdot Mirror
South Korean Web Hosting Provider Pays $1 Million In Ransomware Demand (bleepingcomputer.com)
An anonymous reader writes: Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers. The ransomware infection appears has taken place on June 10, but Nayana admitted to the incident two days later, in a statement on its website.
Attackers asked for an initial ransom payment of 550 Bitcoin, which was worth nearly $1.62 million at the time of the request. After two days of negotiations, Nayana staff said they managed to reduce the ransom demand to 397.6 Bitcoin, or nearly $1 million. In a subsequent announcement, Nayana officials stated that they negotiated with the attackers to pay the ransom demand in three installments, due to the company's inability to produce such a large amount of cash in a short period of time.
On Saturday, June 17, the company said it already paid two of the three payment tranches. In subsequent announcements, Nayana updated clients on the server decryption process, saying the entire operation would take up to ten days due to the vast amount of encrypted data. The company said 153 Linux servers were affected, servers which stored the information of more than 3,400 customers.
Attackers asked for an initial ransom payment of 550 Bitcoin, which was worth nearly $1.62 million at the time of the request. After two days of negotiations, Nayana staff said they managed to reduce the ransom demand to 397.6 Bitcoin, or nearly $1 million. In a subsequent announcement, Nayana officials stated that they negotiated with the attackers to pay the ransom demand in three installments, due to the company's inability to produce such a large amount of cash in a short period of time.
On Saturday, June 17, the company said it already paid two of the three payment tranches. In subsequent announcements, Nayana updated clients on the server decryption process, saying the entire operation would take up to ten days due to the vast amount of encrypted data. The company said 153 Linux servers were affected, servers which stored the information of more than 3,400 customers.
every transaction is here https://blockchain.info/
love is just extroverted narcissism
Backing up User VMs is trivial. So is a snapshot system. Most all the major hypervisor makers have this built in and there are also plenty of free ware things to do this as well..
You can run Hyper-V, with free Veeam and with some scheduled task stuff from Task Scheduler or a Jenkins systems, you can kick of Powershell code that will automagically find all your VMs, even in a non-clustered pool (so long as you registered the hosts in Veeam free), and then back them all up as full sets, with compression and/or encryption to a NAS device of some sort.
Restoring is also easily done AND you can restore the whole machine as it was at the stun/snap, registered, powered on and everything, restore just the VM filesets to manually register and start or you can do varying levels of OS level file restore for just those files that got mucked up.
This stuff is pretty easy to do and low cost.
Storing thousands (if not many many more) of VM backups for customers for free is "low cost"?
If you wrote out the contract properly then you made sure that user backups are the user's responsibility, in which case you don't have to pay a single penny ransom because you don't owe anyone anything. Well you could be nice and take snapshots once a week or something and if users complain you point to the appropriate clause in the contract. There is NO excuse. None. You're trying to justify idiocy. Don't. It just makes you look bad too.
Seven puppies were harmed during the making of this post.
Please list any democratic country where it's illegal to pay a ransom. Paying a ransom is not equated with supporting a illegal organisation or as fencing in any jurisdiction that I'm aware of. Any attempt to make such payments would only yield one end result; the victims would be extremely less motivated to involve the police.
Here's one; Canada.
http://nationalpost.com/news/c...