MarsJoke ransomware is a vicious threat targeting Windows

By: Madeleine Dean
2 minute read

A new ransomare recently reared its ugly head, targeting government agencies and educational institutions, as well as regular users. MarsJoke ransomware is viciously attacking millions of users by sending scam emails, pretending to be from an airline company.

Victims are informed somebody sent them a parcel and are kindly invited to click on a link in order to track that parcel. Unsuspecting victims, pushed by curiosity, click on the link and open the Hell’s gates. The link redirects them to a file hosting website to download an executable file named “file_6.exe.”  Of course, once the file is downloaded, the MarsJoke ransomware takes over your files and immediately encrypts them.

The encrypted files will then carry the ‘.a19’ and ‘.ap19’ extensions. Moreover, the MarsJoke ransomware also takes over the desktop background, and displays a message informing users that their files have been encrypted, alongside a 96-hour timer. If the victims don’t pay the ransom in 96 hours, their files are permanently encrypted.

The MarsJoke ransomware is extremely dangerous because it exploits a well-known weakness in the computer network of government agencies. Microsoft has warned organisations countless times about the security risks they are exposing themselves to by choosing to run old, unsupported operating systems. As a quick reminder, the US is the leading country in the world when it comes to technological innovation, yet US government agencies still using unsupported Windows versions.

[…] Beginning on September 22, 2016, we detected the first large-scale email campaign distributing MarsJoke. This ongoing campaign appears to target primarily state and local government agencies and educational institutions in the United States.

Companies are in the same boat, as many are still relying on Windows Server 2003 with Windows Server 2016 knocking on the door. Moreover, companies are also using outdated Windows and IE versions. As you can see, this is the perfect recipe for disaster.

This situation is valid all over the world, for example London cops spend over $2 million to stick with Windows XP, paying for a Microsoft Custom Support Agreement in order to keep receiving security updates for the old operating system. Image what could happen if the MarsJoke ransomware took over these computers. You may say it’s highly unlikely that a Police employee falls in MarsJoke’s trap, but you know what Murphy’s laws say.

Meanwhile, do avoid opening suspicious emails and clicking on suspicious links and install one of these anti-malware programs on your computer for an extra-layer of protection.


For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading