
Korean Web Hosting Company Agrees to Pay 397.6 BTC to WannaCry - howon92
https://pastebin.com/RuYAjE1Z
======
howon92
TLDR: The company’s CEO is bankrupt because of the attack, and this is a
series of public announcements that describe how he's trying to recover from
the ransomware. He couldn’t afford the price that the hackers were asking and
is selling his company to afford the ransom money. He already paid a portion
of it and is asked to pay the rest of it for the remaining encryption keys.

The announcements are published at
[http://notice.nayana.com/](http://notice.nayana.com/) but they are in Korean
and the website goes down frequently.

------
qes
We had an older machine get hit by WannaCry, but it happened to have some
files on it we'd rather keep. It took 3 weeks on the outdated hardware to
crack the key and another 2 weeks to decrypt it all, but we recovered
everything and paid no one.

~~~
jjeaff
My understanding is that wannacry uses rsa2048. Even the NSA couldn't brute
force that. What am I missing?

------
ryanlol
Surely this wasn't WannaCry, doesn't sound like it.

EDIT: Erebus apparently.
[http://www.networkworld.com/article/3200194/security/south-k...](http://www.networkworld.com/article/3200194/security/south-
korean-web-hosting-company-infected-by-erebus-ransomware.html)

------
webtechgal
Heart goes out to those who suffered downtime and/or data loss and to the
company CEO.

------
howon92
EDIT: it was Erebus not WannaCry

