Anubis ransomware has evolved to include both encryption and a destructive wiper module, making data recovery impossible for victims. It primarily targets organizations in sectors like construction, healthcare, and engineering across multiple countries using spear phishing campaigns. #AnubisRansomware #RaaS #TrendMicro #Sphinx #DataExtortion
Keypoints
- Anubis ransomware operates under the ransomware-as-a-service model since late 2024.
- It encrypts data and employs a wiper module to permanently delete files, preventing recovery.
- Threat actors distribute Anubis via spear phishing emails targeting specific organizations.
- Operators have access to negotiation options and additional monetization programs beyond typical RaaS.
- Victims include organizations in Australia, Canada, Peru, and the United States, with active attacks documented.
Read More: https://www.securityweek.com/anubis-ransomware-packs-a-wiper-to-permanently-delete-files/