ASP.NET hosting provider with more than 440,000 customers, SmarterASP.NET was hit yesterday by ransomware.
This company is the third major web hosting company this year that dropped because hackers damaged their network and encrypted data on customers' servers.
SmarterASP.NET said it was working to restore the customer's server. It is unclear whether the company is paying ransom requests, or is recovering from reserves.
Phone calls to SmarterASP.NET are not returned. The company telephone line was cut off, by reason of the incoming call. In a status message posted on its website, the company acknowledges hacking.
"Your hosting account was attacked and the hacker encrypted all of your data," the message said. "We are now working with security experts to try to decrypt your data and also to ensure this will not happen again."
This attack occurred on Saturday
The attack was not only about customer data, but also SmarterASP.NET itself. The company's website went down all day Saturday, back online on Sunday morning yesterday.
The server recovery attempt was slow. Many customers still do not have access to their accounts and data. Those who say their data is still encrypted, including the website file but also the backend database.
While most users use SmarterASP.NET for hosting ASP.NET sites, some use companies that function as backend applications, where they synchronize or back up important data. The fact that the database backend has also been affected, and not just the web server, has prevented many people from moving affected services to other alternative IT infrastructure.
According to screenshots posted on Twitter, all customer files are encrypted by the Snatch ransomware version which encrypts files with the ".kjhbx" file extension.
It should be no surprise that ransomware gangs are looking to infect web hosting providers. To this day, the biggest ransomware payment ever made comes from web hosting providers.
If you are looking for ASP.NET hosting as a migration place or maybe you are a new user? We highly recommend you to consider asphostportal. They support all versions of asp.net and are always up to date with the latest versions.