A new  called Annabelle has been discovered, which seems to have been designed to ‘show off the skills’ of the developer who created it, by being as difficult to deal with as possible. The ransomware terminates numerous programs, disables Windows Defender, turning off the firewall, encrypting your files, trying to spread through USB drives, making it so you can’t run a variety of programs, and overwriting the master boot record of the infected computer with a boot loader. Andy Norton, Director of Threat Intelligence at Lastline commented below.

Andy Norton, Director of Threat Intelligence at Lastline:

- Andy Norton - Annabelle: The Terrifying New Ransomware Variant“The more malicious things a piece of code does, the more alarm bells start ringing when scrutinised with behavioural analysis. , by design would simply not pose a threat to any organisation using behavioural analysis, because it exhibits too many bad functions. It sets off too many alarms. Qkg, was interesting from a research perspective, because many machine learned behavioural algorithms were trained on Ransomware encrypting many thousands of existing files and deleting shadow copy. Qkg did neither, instead it went after newly created files.”

Source link
Based Blockchain Network


Please enter your comment!
Please enter your name here