Leading ASP.NET host crippled by ransomware attack

The platform is working to restore services to more than 440,000 affected customers

hacking and ransomware

A widely-used ASP.NET service provider, used by more than 440,000 customers, was taken offline on Saturday after cyber criminals targeted its systems with ransomware.

SmarterASP confirmed this weekend that its hosting services were under attack, with hackers encrypting all the data belonging to itself as well as its 440,441 users. The SmarterASP website, too, was taken offline on Saturday before it was restored the next day.

"Your hosting account was under attack and hackers have encrypted all your data," the provider said in a statement.

"We are now working with security experts to try to decrypt your data and also to make sure this would never happen again. Please stay tuned for more info."

Advertisement - Article continues below
Advertisement - Article continues below

The firm advised that users refrain from contacting the company directly, given a shortage of staff to deal with the complaints, and asked users to keep up-to-date with its Facebook page for more information.

SmarterASP subsequently said this morning that it had developed a solution to resolving the problem, but needs more time to fully restore services. Moreover, work is underway on a "new system" built to prevent issues recurring in the future.

"We will dedicate all of our time, money and knowledge on this matter so no customers of ours have to face this again," the followup statement said.

However, no additional detail as to the nature of the new system, or how it would be different from SmarterASP's previous system, was released.

At the time of writing, the company has restored 40% of its customers' affected accounts, according to its Facebook page, and expects most services to be restored over the next 24 hours.

ASP.NET is an open-source web application framework designed for web development based around dynamic design. It was developed by Microsoft to allow developers to build dynamic websites as well as applications and services.

Advertisement - Article continues below

The company hasn't disclosed whether it's restoring its services from an archival or backup system, or whether it's complied with the cyber criminals' ransom demands.

Although the majority of IT security professionals don't believe such ransoms should be paid, 40% would consider paying ransomware demands as it's the easiest method of remediation, according to research.

IT Pro approached the company for more details surrounding the ransomware attack, including what measures it's taken to prevent future attacks.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now



How can you protect your business from crypto-ransomware?

4 Nov 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020