A new ransomware variant called Annabelle has been discovered, which seems to have been designed to ‘show off the skills’ of the developer who created it, by being as difficult to deal with as possible.
The ransomware terminates numerous security programs, disables Windows Defender, turning off the firewall, encrypting your files, trying to spread through USB drives, making it so you can’t run a variety of programs, and overwriting the master boot record of the infected computer with a boot loader.
Larry Abrams at Bleepingcomputer said: “Discovered by security researcher Bart, Annabelle Ransomware includes everything but the kitchen sink when it comes to screwing up a computer. Overall, this ransomware was developer to be a PITA and to show off the developer’s skills rather than to actually generate ransom payments.
The good news is that this ransomware is based off of Stupid Ransomware and is easily decryptable. As it uses a static key, Michael Gillespie was able to update his StupidDecryptor in order to decrypt this variant.”
Here are instructions at bleepingcomputer to clean up this horrific mess:
https://www.bleepingcomputer.com/news/security/the-annabelle-ransomware-is-a-horrific-mess/
** Optrics Inc is an authorized KnowBe4 Partner
The original article can be found here:
https://blog.knowbe4.com/annabelle-the-terrifying-new-ransomware-variant