MarsJoke, a new ransomware variant, spreads like wildfire through education and government sectors…
The new ransomware variant, MarsJoke, was discovered in August. This ransomware variant has been sent into the wild via a massive phishing attack. The email that includes this malware claims to have air travel confirmation details. Once the attached EXE file is downloaded, the hell begins. The ransomware locks the users files and starts making their demands.
The PC wallpaper is replaced with the ransom note. The ransom demands also show up every time the user tries to open a locked file. It has been reported by Softpedia, the ransom demand is $320 USD.
At this time, there is not a free decryption key available to restore the victim’s files.
It is not surprising a new ransomware variant is targeting educational institutions. We just reported last week that this industry is cyber criminals primary target for ransomware distribution.
What to do post infection
If you ever find yourself a victim of a ransomware attack, PC Matic encourages you to take the following step:
- Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking. Use your back up files to restore your systems. Again, don’t pay!!
- Inform the FBI – By informing the FBI, they can investigate to potentially bring legal action against the hacker. All cyber criminal activity should be reported to the federal IC3 agency. You can file a complaint with them here.
- Notify your current security software company – You also MUST inform your security software company. If they didn’t know they missed a malicious attack, they cannot stop it in the future. Also, many anti-virus software companies share their blacklist, or the list of known bad files. So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
- Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter. This cannot be further from the truth. Continued education on current cyber security threats is imperative. We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security. As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
- Reevaluate your security software protection – The reality is, your security software failed you. Now it’s time to look for an alternative security option. The United States Computer Emergency Readiness Team (US-CERT)strongly advises using a whitelist security technology. For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology. For enterprise use, there is PC Matic Pro, which offers advanced security protection with proprietary whitelisting technology.