Pierluigi Paganini November 10, 2019

Another day, another victim of a ransomware attack, this time major ASP.NET hosting provider SmarterASP announced it was infected by ransomware.

SmarterASP.NET is one of the most popular ASP.NET hosting providers, the company has more than 440,000 customers. SmarterASP announced it was hit yesterday by ransomware attack.

The attack encrypted customer data and the company’s website was not reachable on Saturday, it was up again earlier this morning on Sunday.

At the time of writing, the company confirmed the incident and announced that it is working to restore customers’ servers, no info was shared on the family of malware that hit the company. It is unclear if SmarterASP decided to pay the ransom, or if it is restoring data using its backups.

“Your hosting account was under attack and hackers have encrypted all your data. We are now working with security experts to try to decrypt your data and also to make sure this would never happen again. Please stay tune for more info. Please know that we are getting thousands of messages in our email and live chat and we don’t have enough staffs to reply them all.” reads a statement published on the company website. “We will continue to put out notices on our Facebook page and http://status.smarterasp.net/ page, Please check back soon.”

The company hired security experts to decrypt its data and secure its infrastructure.

“A phone call to SmarterASP.NET was not returned. The company’s phone line was down, citing an influx of calls. In a status message posted on its website, the company admitted to the hack.” reported ZDNet.

Many customers are still not able to access their accounts and data. Experts pointed out that the ransomware attack encrypted both public-facing web servers and backend databases.

According to screenshots shared by some customers on Twitter, the piece of ransomware that infected the company appends the “.kjhbx” file extension to each file name it encrypts.

Ransomware attacks continue to make the headlines, a few hours ago I reported that the leading action sports company Boardriders and its subsidiaries including QuikSilver and Billabong, were hit by this kind of malware.

A few days ago Everis, NTT DATA-owned firm Everis​ and one of Spain’s largest managed service providers (MSP), has suffered a ransomware attack. Unfortunately, it ws not alone, because also Spain’s largest radio station Cadena SER (Sociedad Española Radiodifusión) was a victim of a similar attack.

Pierluigi Paganini

(SecurityAffairs – SmarterASP, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]