September 29, 2016
MarsJoke Ransomware Targeting Local Governments And Education
Don’t let the name fool you, MarsJoke is no laughing matter. According to Threatpost.com, this latest strain of ransomware gives you exactly 96 hours to pay a ransom or risk losing your data forever. MarsJoke is primarily targeting state and local government agencies and educational institutions in the United States.
MarsJoke uses phishing emails designed to mimic popular Airline and shipping companies, according to security vendor Proofpoint. After the file is downloaded and executed, it installs the ransomware that promptly encrypts files, but does not change original file extensions. The user is then prompted to pay a ransom of .7 Bitcoin ($320) within 96 hours.
Here are a few examples of the subjects lines affiliated with the email:
- Checking tracking number
- Check your package
- Check your TN
- Check your tracking number
- Tracking information
- Track your package
These all look common and innocent enough, right? Well, now would be a good time to brush up on how to spot a phishing email. If you'd like to learn even more about ransomware, and how you may be at risk, check out Datto’s State of the Channel Ransomware Report.