The Korean hosting company Nayana has decided to pay a ransom of $1 million after being infected by the Erebus ransomware, that targets Linux servers. The malware encrypted 153 servers and 3,400 business websites, according to Japanese antivirus vendor Trend Micro.
The cybercriminals behind the ransomware demanded 550 Bitcoin ($1.62 million) to decrypt the computers. The company told the attackers they were unable to pay the ransomware and eventually they negotiated to pay 397 Bitcoin ($1 million) that would be paid in parts.
Meanwhile the first amount has been paid and Nayana has been able to recover dozens of servers. The entire process of decryption can take more than 10 days, according to the hosting company.
It’s unclear how the servers could be infected. Trend Micro writes about that, “as for how this Linux ransomware arrives, we can only infer that Erebus may have possibly leveraged vulnerabilities or a local Linux exploit.”