Anubis A Closer Look at an Emerging Ransomware with Built-in Wiper

Key Takeaways
Anubis is an emerging Ransomware-as-a-Service (RaaS) operation that combines file encryption with file destruction — a rare dual-threat capability.
The ransomware features a “wipe mode,” which permanently erases files, rendering recovery impossible even if the ransom is paid.
Anubis runs a flexible affiliate program, offering negotiable revenue splits and supporting additional monetization paths like data extortion and access sales.
Active since December 2024, Anubis has claimed victims in multiple sectors including healthcare and construction, across regions such as Australia, Canada, Peru, and the U.S.
Trend Vision One™ detects and blocks the IOCs discussed in this blog. Trend Vision One customers can also access hunting queries, threat insights, and threat intelligence reports to gain rich context and the latest updates on Anubis.

To read the complete article visit: Trend Micro.

---