South Korean web hosting company Nayana was targeted by the variant of the Erebus ransomware attack.
The attackers first requested 550 bitcoin (about US$1.6 million) in this case, but after negotiating with the business, they dropped their demand to 397.6 bitcoin (about US$1 million).
In order to continue regular business activities, the corporation chose to pay the ransom.
They advised keeping security defenses up to date to reduce the risk of ransomware.
Source: https://blog.itgovernance.co.uk/blog/ransomware-south-korean-web-hosting-company-pays-1m
TPRM report: https://scoringcyber.rankiteo.com/company/nayana
"id": "nay162231022",
"linkid": "nayana",
"type": "Ransomware",
"date": "06/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Technology',
'location': 'South Korea',
'name': 'Nayana',
'type': 'Web Hosting Company'}],
'description': 'South Korean web hosting company Nayana was targeted by the '
'variant of the Erebus ransomware attack. The attackers '
'initially requested 550 bitcoin (about US$1.6 million), but '
'after negotiations, they dropped their demand to 397.6 '
'bitcoin (about US$1 million). The company chose to pay the '
'ransom to continue regular business activities.',
'impact': {'financial_loss': ['US$1 million']},
'lessons_learned': 'Keep security defenses up to date to reduce the risk of '
'ransomware.',
'motivation': 'Financial Gain',
'ransomware': {'ransom_demanded': ['550 bitcoin (US$1.6 million)',
'397.6 bitcoin (US$1 million)'],
'ransom_paid': ['397.6 bitcoin (US$1 million)'],
'ransomware_strain': 'Erebus'},
'title': 'Nayana Ransomware Attack',
'type': 'Ransomware'}