A web host based in South Korea has paid over $1 million to a ransomware operation, called Erebus, that encrypted customer data related to 3,400 customer websites.
According to a report by Ars Technica, the web host, Nayana, is working to recover the data from 153 Linux servers, but warned customers that it would take time.
The company negotiated the payment after an initial ransom demand of $4.4 million, payable in Bitcoin. It is paying the ransom in three installments, according to a blog post by Trend Micro.
Security best practices recommend that victims not pay a ransom, but companies often do so under the radar so as not to admit publicly that their network was insecure. If a company pays a ransom, there is no guarantee that it will get its data back or that the hackers will not strike again.
Ars Technica said that the Erebus ransomware once targeted only Windows operating systems, but a new variant works against Linux systems.
For more details on the Erebus ransomware, check out Trend Micro’s blog.