[BreachExchange] Hoster SmarterASP.NET Taken Down by Ransomware

[Destry Winant]

https://www.infosecurity-magazine.com/news/hoster-smarteraspnet-taken/

A major US hosting provider has been hit by a serious ransomware
attack, impacting hundreds of thousands of customers.

SmarterASP.NET claims to operate three ‘world-class’ data centers
“delivering the reliability and flexibility necessary to support your
mission-critical internet operations.”

However, the websites of its 440,000+ customers, as well as its own,
went offline yesterday following the attack.

“Your hosting account was under attack and hackers have encrypted all
your data. We are now working with security experts to try to decrypt
your data and also to make sure this would never happen again,”
SmarterASP.NET said in a notice dated today.

“Please stay tune[d] for more info. Please know that we are getting
thousands of messages in our email and we don't have enough staffs to
reply them all. So please don’t email us. We will continue to put out
notices on our Facebook page. Please check back soon.”

The firm tweeted earlier this morning UK time to say that it would be
focusing first on restoring database servers.

“Once that's recovered, most of your sites will be up and running
already. You will also be able to make DB backup right away on our
control panel,” it said. “We are optimistic that everything will be
back to normal no longer than 12-24 hours. We will not go home until
everyone is taken care of.”

It’s unclear whether the firm has been able to decrypt the locked
files, either by paying up or via a third-party key, or is restoring
from backups.

As of 09:45 GMT the firm claimed to have recovered 40% of affected accounts.

SmarterASP.NET is by no means the first hosting firm to be struck by
ransomware. California-based Data Resolution was forced to shut its
network following an attack on Christmas Day last year, while A2
Hosting lost weeks of business from an outage in spring.