CTC’s March 2018 Threat Report: Annabelle & Crypto Mining Malware

It looks like ransomware will continue to be an ongoing threat in 2018 moving forward. Despite substantial multinational efforts from IT security teams worldwide, cybersecurity threats like Annabelle, cryptocurrency-mining malware, and Samas are continuing to hit enterprise companies and government organizations both here in the US and overseas.

Here is March 2018’s cybersecurity and threat update:


Annabelle isn’t just a horror movie anymore. Hackers have now branded a new strain of ransomware with the same name and it produces a nightmare-ish scenario for whoever is affected by it.

In addition to locking out your files like “traditional” ransomware does, Annabelle takes things a step further by also disabling your firewall, spreading to your ancillary drives (USB drives and attached hard drives), and overwrites your master boot record. Yikes.

Luckily, this ransomware was created to be more of a display of skills rather than a revenue generator for the original developer. Because Annabelle uses a static key, it is easily decryptable and someone has already found a solution to decrypt this ransomware variant.

Cryptocurrency Mining Malware

Why spend a ton of money on expensive graphics cards and cryptocurrency mining rigs when you can use someone else’s resources without them knowing? That’s the question that hackers have answered to their own benefit. And now huge corporations like Tesla and being affected by it, sometimes without them knowing.

In the case of Tesla, the cryptocurrency malware found its way into Telsa’s cloud servers through poorly secured access credentials to insert the stealth miner. The malware used non-standard ports to get into Tesla’s account and hid behind a Cloudflare IP address making it difficult to detect. It is also said that sensitive telemetry information was also breached.

This isn’t the first time that stealthy crypto mining software was found in cloud instances. Microsoft and Amazon have been affected, too.

Be Proactive Instead of Reactive

Learn from what’s happening from the big guys and prevent it from happening to you. Reach out to us today to learn more about our network security, endpoint security, and cloud security solutions.