Anubis Ransomware: Double Trouble with File Encryption and Permanent Data Wipe!
Anubis ransomware hits the scene with a rare dual-threat: encrypting files and wiping them clean. Victims are left with files reduced to 0 KB, making recovery impossible and upping the pressure to pay. With an affiliate program offering negotiable revenue splits, Anubis is proving to be a formidable foe in the cybercrime world.
Hot Take:
In the ever-evolving game of cybersecurity cat and mouse, the cheeky Anubis ransomware decided to play both sides by not only locking away your data but also sending it on a permanent vacation. Who knew ransomware would take on the role of both burglar and arsonist, burning down the evidence after the heist? It’s a whole new level of digital mischief!
Key Points:
- Anubis ransomware can both encrypt and permanently erase files, using a “wipe mode.”
- The RaaS operation started in December 2024, affecting sectors like healthcare and hospitality.
- Anubis runs a flexible affiliate program with varying revenue splits based on the monetization scheme.
- Phishing emails are used as the initial access vector, followed by privilege escalation.
- FIN7 group is using new infrastructure to distribute malware via fake software update pages.
Already a member? Log in here