SmarterASP.NET is Struck by Ransomware Which Encrypted Client Data

  • An unidentified ransomware strain has hit SmarterASP.NET on Saturday, and the service is still recovering.
  • The company says that about 40% of the affected clients have gotten their websites back already.
  • Customers are urged to refrain from sending emails and to monitor the firm’s social media instead.

SmarterASP.NET has published an official announcement informing its customers of a ransomware attack that was successful. As a result, all client data has been encrypted now, and security experts are working together with the IT team of the web hosting services provider to decrypt it. At the same time, the firm is also trying to implement security measures, to prevent this from happening again in the future. As they also clarify, they are currently receiving thousands of email messages from worried clients, so it is impossible to answer them all immediately. Those who want to stay informed about the status of the web hosting services should be keeping an eye on the SmarterASP.ET Facebook, or Twitter.

As the company brings some servers back online, some customers may have already gotten back their sites, while others could wait for another 24 hours before they are ready to get back to business. The latest update, which came about 15 minutes before we published this, SmarterASP.NET has already managed to recover 40% of the affected accounts. We can’t tell what this percentage corresponds to, but it sounds promising at least.

The attack unfolded during the weekend, and the SmarterASP.NET website became inaccessible throughout Saturday. This was when the first complaints started popping up on social media, wrongfully accusing the firm of trying to downplay or even hide the incident by not providing any official statements. Obviously, the web hosting provider was still investigating and also busy responding to the attack. The clients who managed to access their website files and backend databases were shocked to find that everything had been encrypted, with all files carrying the “.kjhbx” extension. At this time, we’re unsure about the type of ransomware that results in this extension.

source: ZDNet

This means that we also don’t know if SmarterASP.NET is using a decrypter, has paid the ransom, or is restoring the client data from backups. ZDNet has sourced screenshots from some of the firm’s clients, which depict the above ransom note. The actors promise a speedy recovery of the files and advise the admins not to restart the NAS equipment and not to rename the encrypted files, as either would result in the permanent and irreversible loss of the files. The actor is also offering to decrypt three files for free, as proof of his/her ability to recover the files.

Have something to comment on the above? Feel free to do it in the comments down below, or on our socials, on Facebook and Twitter.


Recent Articles

10 Best Ultrawide Gaming Monitors in 2020

Ultrawide monitors are a relatively new trend in the world of computers, mainly because the technology required to make them feasible was not mature...

More Than 15 Billion Stolen Credentials Are Circulating Out There

Stolen credentials are sold by the billions today, as we have about 185 data breaches per day. Almost one-third of the stolen...

Here’s What We Know About Kilos, the Biggest Dark Web Market

One of the most infamous sites on the Dark Web was a search engine known as "Grams." Launched in 2014, Grams allowed users to search...

Zoom Announced the Launch of Its “Hardware as a Service” Program

Zoom calls companies to consider renting teleconferencing equipment from them and launches a new program. The hardware manufacturers that will support the...

The U.S. Copyright Office Says Pirates Shouldn’t Lose Their Internet Connection

Breaking the law is condemnable, but barring someone out of the internet world is unconstitutional. The U.S. Copyright Office is calling the...