[German]The provider SmarterASP.NET with more than 440,000 customers seems probably to be a victim of a cyber attack over the weekend. All servers are said to have been encrypted by Ransomware.
The website of SmarterASP.NET is currently available and I did not find any hints on Ransomware on the status page. But on Twitter on November 9, 2019 there were already reports that the websites was down.
— US Web Guys (@uswebguys) November 9, 2019
This tweet was dropped 16 hours ago and reports that the databases are still unavailable.
— Sifiso W. Ndlovu (@mafiswana) November 10, 2019
Catalin Cimpanu points in the following tweet to the Ransomware infestation in which all servers were encrypted.
— Catalin Cimpanu (@campuscodi) November 10, 2019
This is the third major web hosting company (after A2 in May and iNSYNQ in June) to be hit by a ransomware attack this year. Hackers have succeeded in penetrating the hosters' network and encrypting the data on customer servers. According to Catalin Cimpanu, the company is working to restore customers' servers. It is unclear whether the company has paid the ransom or whether it is restoring from backups.
Telephone inquiries are probably not possible because their telephone system may have collapsed due to the number of support inquiries. At this point it gets strange: Catalin Cimpanu writes in the ZDNet article that the hoster confirmed the attack. On the support page you could find the following text:
Your hosting account was under attack and hackers have encrypted all your data, We are now working with security experts to try to decrypt your data and also to make sure this would never happen again.
But if you go to the hoster's status page, the last entry is from June 1, 2019, so it looks like the status information quoted by Catalin Cimpanu has been deleted. Addendum: I just found this tweet:
— YnotParking (@YnotParking) November 10, 2019
A user received an e-mail, where the attack has been confirmed. According to the ZDNet article, the attack not only affected customer data on the servers, but also SmarterASP.NET itself. According to ZDNET, the company's website was unavailable all day on Saturday. In the meantime, however, the website has been available again since Sunday morning.
Some users use SmarterASP.NET as a backup for their data. This data should now be encrypted. In the article screenshots of files are posted, which should occupy the encryption.
Cookies helps to fund this blog: Cookie settings