Anubis is an emerging ransomware strain with a dual threat, capable of both encrypting and permanently erasing files, as noted by Trend Micro researchers. Active since December 2024, it targets various sectors, including healthcare and hospitality, in multiple countries. The ransomware operates through a flexible RaaS model, providing affiliates with lucrative revenue splits. Initial access is commonly gained via phishing, followed by tactics aimed at privilege escalation and file destruction, leaving victims with little choice but to comply with ransom demands for recovery.
The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible even if the ransom is paid, said Trend Micro researchers.
Anubis runs a flexible affiliate program, offering negotiable revenue splits and supporting additional monetization paths like data extortion and access sales.
Collection
[
|
...
]