Just when you thought you wouldn’t be ‘wanting to cry no more’ after the WannaCry ransomware, Annabelle shows up and encrypts all the files on your computer. To get them back from the devilish little girl, you must pay up! Fail to do so, and you can kiss them goodbye. Is there no break from these hackers’ attacks?
Annabelle is the latest ransomware on the block, spotted online by a security researcher named Bart. I will have you know Annabelle is the mother of all encrypters: it boots up alongside the OS, because it can overwrite the master boot record on infected computers with its own bootloader.
Once your computer is up and running after a boot, Annabelle does not waste even a single microsecond and proceeds to carry out the following actions to strengthen her hold on your computer:
Terminate all security programs running on your computer
Disable Windows Defender
Turn off Firewall Protection
Encrypt all data on your computer
Infect any connected USB drives
Execute some programs
Now, tell me if that is not bad a$$? Security experts from MalwareHunterTeam dissected Annabelle and, deep within her cold dark heart, extracted her source code for the exploits. They discovered that this ransomware springs into action and starts executing exploits the second the user logs into their computer.
It does not give other programs a chance to start, not even programs like MSConfig, Task Manager, Process Explorer, Process Hacker, or anything else. That means there is virtually nothing you can do to try to stop it.
As you can see, the exploit modifies virtually all files; not even programs like Notepad, Notepad++, bcdedit, Chrome, and IE can run.
The malicious exploits depend on Autorun.inf files to spread. Since Microsoft disabled them in Windows 10, they are useless there, but Windows 10 PCs are nonetheless vulnerable.
To get your files safely back, Annabelle instructs you to visit her lair in the wild dark jungle that is the dark web. She gives instructions that you download the Tor browser first, then visit her dark sites, where you can pay 0.1 Bitcoin to have your files back.
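A defender-side check for the USB spreading route described above, as an added example (not code from this article or from the malware analysis): it reads any autorun.inf found on the given drive roots and reports the entries that would launch a program. The sample file contents and executable names are constructed placeholders.

```python
import os

LAUNCH_KEYS = {"open", "shellexecute"}  # [autorun] keys that start a program

SAMPLE = """\
; constructed sample, placeholder file names
[AutoRun]
label=Backup
OPEN = setup_placeholder.exe
shell\\explore\\command=setup_placeholder.exe /s
[Content]
open=ignored.exe
"""

def audit_autorun(text):
    """Return (key, command) pairs in [autorun] that would launch a program."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line:
            key, _, value = line.partition("=")
            key = key.strip().lower()
            if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                findings.append((key, value.strip()))
    return findings

def scan_roots(roots):
    """Map each drive root holding a launching autorun.inf to its findings."""
    report = {}
    for root in roots:
        try:
            names = [n for n in os.listdir(root) if n.lower() == "autorun.inf"]
        except OSError:
            continue  # drive letter unused or not readable
        for name in names:
            try:
                with open(os.path.join(root, name), "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # e.g. a directory named autorun.inf
            enc = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
            hits = audit_autorun(data.decode(enc, errors="replace"))
            if hits:
                report[root] = hits
    return report
```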
Image Credit: Bleeping Computer