A major US hosting provider has been hit by a serious ransomware attack, impacting hundreds of thousands of customers.
SmarterASP.NET claims to operate three ‘world-class’ data centers “delivering the reliability and flexibility necessary to support your mission-critical internet operations.”
However, the websites of its 440,000+ customers, as well as its own, went offline yesterday following the attack.
“Your hosting account was under attack and hackers have encrypted all your data. We are now working with security experts to try to decrypt your data and also to make sure this would never happen again,” SmarterASP.NET said in a notice dated today.
“Please stay tune[d] for more info. Please know that we are getting thousands of messages in our email and we don't have enough staffs to reply them all. So please don’t email us. We will continue to put out notices on our Facebook page. Please check back soon.”
The firm tweeted earlier this morning UK time to say that it would be focusing first on restoring database servers.
“Once that's recovered, most of your sites will be up and running already. You will also be able to make DB backup right away on our control panel,” it said. “We are optimistic that everything will be back to normal no longer than 12-24 hours. We will not go home until everyone is taken care of.”
It’s unclear whether the firm has been able to decrypt the locked files, either by paying up or via a third-party key, or is restoring from backups.
As of 09:45 GMT the firm claimed to have recovered 40% of affected accounts.
SmarterASP.NET is by no means the first hosting firm to be struck by ransomware. California-based Data Resolution was forced to shut its network following an attack on Christmas Day last year, while A2 Hosting lost weeks of business from an outage in spring.