A new ransomware variant called Annabelle has been discovered, which seems to have been designed to ‘show off the skills’ of the developer who created it, by being as difficult to deal with as possible.
The ransomware terminates numerous security programs, disables Windows Defender, turning off the firewall, encrypting your files, trying to spread through USB drives, making it so you can’t run a variety of programs, and overwriting the master boot record of the infected computer with a boot loader.
Larry Abrams at Bleepingcomputer said: "Discovered by security researcher Bart, Annabelle Ransomware includes everything but the kitchen sink when it comes to screwing up a computer. Overall, this ransomware was developer to be a PITA and to show off the developer's skills rather than to actually generate ransom payments.
The good news is that this ransomware is based off of Stupid Ransomware and is easily decryptable. As it uses a static key, Michael Gillespie was able to update his StupidDecryptor in order to decrypt this variant."
Here are instructions at bleepingcomputer to clean up this horrific mess:
Free Ransomware Simulator Tool
How vulnerable is your network against a ransomware attack?
Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?
KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 10+ infection scenarios and show you if a workstation is vulnerable to infection.
Source: Denver Post.