Ransomware attack has a service failure.

As reported on Saturday, June 10, SBS 8 City News, the IDC organization that manages more than 10,000 websites in Korea has suffered a Ransomware attack.


I do not know when the recovery will be done, so I transferred it back to another server company with the existing backup.


There may be broken pages. If you find this question, please let me know and I'll fix it right away.


Thank you.


Related news:http://news.naver.com/main/read.nhn?mode=LSD&mid=shm&sid1=105&oid=055&aid=0000538425

Company Notification:http://www.nayana.com/bbs/set_view.php?b_name=notice&w_no=957



When I received the response from Internet Nayana Co., Ltd., it seemed impossible to recover because of the damage of Ransomware to the backup server.

I have hope for the company's backup processor "Local (once a day), CDP Backup (twice a day, 7 days archiving) Network" (deleted after expiration backup).

Only the main page of this is managed by the vendor, and services operated by other sub-domains are managed by other vendors.

Membership information from March and posts made in WordPress have been deleted and it seems that it is not possible to recover from the current situation.

(* This article has no damage.)

  • Web hosting can also be infected with Ransomware.

    • Kilho Oh

      The generated file (_DECRYPT_FILE.html, index.html, etc.) is owned by root, and it seems that root privilege is taken for each server. The backup server is also infected and seems to be unrecoverable.

  • Oh, glad you did this site recovery. I am sure you are Gilho, and I thought that you would not have seen much damage in this Nayana incident. (I was a bit worried about that, though.

    This has caused a tremendous amount of damage to sites. I have been a little bit distracted this week because I have been asked to temporarily host some of the sites I manage.

    Of course, I believed you would survive as long as you are. Hehe

    • Kilho Oh

      I was not expecting any problems from the hosting company to the backup server. ㅠ
      Of course, it is wrong to not backup frequently.
      (Thank you for worrying ^^)

      Anyway, after this incident, I will back up once a day. ^^

      • You'll be scheduling your backups to cron, but because of the size of your backup files, you're using a lot of traffic.

        If you like me, if you are posting xml only, I will draw it. The site itself is a year, two years and very little to change, so site backups only take place when there is a change in the site and with the export tool. It takes less than a minute to extract a few years xml. (That's why I prefer this method.

        If you back up your content this way, you will not be harmed in any way.

        • Kilho Oh

          Yeah ^^ It is a good word.

          However, since there are a lot of web hosting accounts that do not provide cron, I have created a backup program at this time.
          ( http://en.kilho.net/archives/engineering/1584 )

          And the sites that I operate are separated by a separate server, and the actual backup files are small, so I am receiving them as a whole. ^^