What Actually Happened to SmarterASP.NET?

In recent days, Twitter is being livened up by complaints about hosting down and loss of their data. This is because the biggest hosting company, SmarterASP.NET, is experiencing a disaster. This large company is under attack by Ransomware.

What is malware and ransomware?

Malware is a general term that refers to software that is harmful to your computer, said John Villasenor, a professor at the University of California, Los Angeles. Ransomware is a type of malware that is essentially able to take control of a computer and prevent its users from accessing data until a ransom is paid, he said.

How ransomware works

“Ransomware, as the name suggests, is software that holds your files hostage for ransom,” said Peter Reiher, a professor at UCLA who specializes in computer science and cyber security. “The software finds all your files and encrypts them and then leaves a message for you. If you want to regain access to your data, then you have to pay a ransom. “

The ransomware encrypts data on the computer and uses an encryption key known only to the attacker. If the ransom is not paid, often the data is permanently deleted.

When a ransomware takes over a computer, the attackers are quite frankly linked to their demands, Segura said. In most cases, they change computer wallpapers and give specific instructions that inform users how to pay a ransom to regain access to their files.

Then what about SmarterASP.NET? What really happened to them?

According to reports, the ransomware attack hit and encrypted customers’ web hosting accounts – which give customers access to servers where they can store files and data required to run their websites – thus crippling customer websites. SmarterASP.NET’s website was also initially downed by the attack, but has since been recovered.

“Your hosting account was under attack and hackers have encrypted all your data,” according to a Monday notice on SmartASP’s website. “We are now working with security experts to try to decrypt your data and also to make sure this would never happen again.  Please stay tune for more info.”

While it’s unclear when the ransomware attack first hit, a rash of Tweets, starting Nov. 9, show customers angered that they were not notified of the attack via email after their services stopped.

The company is in the middle of recovering accounts that were locked down by the attack. According to a Monday morning update, 90 percent of the impacted accounts are “back to normal” after the company found “a solution to resolve this problem.”

It’s unclear whether the solution stems from the company paying the ransom or restoring from backup files. Details also are currently scant around how the company was first attacked. Threatpost has reached out for further clarification.

According to a ZDNet report, the customer files were encrypted by a version of the Snatch ransomware, which is known for being distributed via spam email containing infected attachments or by exploiting vulnerabilities in the operating system and installed software. Typically Snatch ransomware locks down victim data and asks for a ransom between $500 to $1500 in Bitcoin.

SmarterASP.NET said on Monday morning it will need time to recover the remaining 10 percent of accounts, but it expects most customers to be back online within 24 hours.

“FTP and Control panel should be back to normal in the next 30 minutes or so,” according to the update.“When you login and If you see weird extensions in your files, don’t download them. Those are encrypted files and it’s useless to download them. Please wait for our staff to fix it. We will continue to keep everyone posted.”

If you are looking for ASP.NET hosting that is reliable and has friendly customer service that is always ready to be contacted, you can consider ASPHostPortal. They are experienced and offer affordable prices for each of their hosting plans. Please check their website to just see their hosting plan or can directly order their hosting services there.

Posted in Windows Hosting.