South Korean web hosting provider agrees to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data. Hosting company has already paid two installments of ransom and would pay the last installment of ransom after recovering data from two-third of infected servers. Erebus, the ransomware primarily targeting users in South Korea, encrypts office documents, databases, archives, and multimedia files using the RSA-2048 algorithm and then appends them with a.ecrypt extension before displaying the ransom note.
Source: https://thehackernews.com/2017/06/web-hosting-ransomware.html