MarsJoke Ransomware Wipes Data If Ransom Is Not Paid Within 96 Hours

A new form of ransomware is targeting government agencies and educational institutions in the US, using emails claiming to be from airlines. The MarsJoke ransomware was unearthed by Proofpoint security researchers, who said that a large-scale email campaign distributing the machine-locking malware began on 22 September, with the main targets being state and local government agencies. Travis Smith, Senior Security Research Engineer at Tripwire commented below.

Travis Smith, Senior Security Research Engineer at Tripwire:

Travis Smith“This time the joke’s on the malware authors.  Restoring from backups still is the easiest and safest way to recover from a ransomware infection.  The fact that ransomware is threatening to wipe data makes no difference to how anyone would respond to the infection.  By following the 3-2-1 backup theory of having three copies of your data, on two different mediums, with one of those being offsite is a great starting point for getting yourself prepared to deal with a ransomware attack.”