Anubis

Compare

Parsing: enabled Known RaaS Captcha in place

Description

Anubis is a financially motivated cybercrime group primarily known for its banking trojan operations but also linked to ransomware activity targeting corporate networks. First identified in 2016 and evolving over time, Anubis ransomware attacks have targeted Windows systems, often deployed after initial compromises by the Anubis banking malware or other access vectors such as phishing, malicious email attachments, or exploitation of unpatched vulnerabilities. The group’s ransomware encrypts files using strong symmetric encryption algorithms, appending distinctive extensions and delivering ransom notes with payment instructions via Tor. Anubis has targeted multiple sectors worldwide, including finance, retail, and government, often combining ransomware with credential theft and data exfiltration to maximize pressure on victims. Its infrastructure and tactics overlap with other financially motivated actors, suggesting possible affiliate or shared tool usage within broader cybercriminal ecosystems.

External Analysis5

External Analysis
https://www.bleepingcomputer.com/news/security/anubis-banking-trojan-targets-android-users
https://www.sentinelone.com/blog/anubis-android-banking-trojan-analysis
https://www.trendmicro.com/en_us/research/19/j/anubis-malware-family-returns-with-new-variants.html
https://blog.cyble.com/2023/06/14/anubis-banking-trojan-targets-multiple-countries
https://www.cisa.gov/news-events/analysis-reports/ar22-187a

Other2

Other
https://x.com/Anubis__media
https://xss.is/members/400498/

Urls1

Url	Status	Screen	Uptime 30d	Health
http://om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion/	Down		0%

Activity (interactive) 26

Posts26

Date	Title	Description	Screen
2025-11-06	Dermatology Associates	Leak of clinic customer data.	Screen
2025-11-03	Mayco International [www.maycointernational.com]	Data breach at automotive industry leader.	Screen
2025-11-03	Mayco International	Data breach at automotive industry leader.	Screen
2025-10-23	Goodfellow & Schuettlaw	Personal data, confidential documents, and more.	Screen
2025-10-23	Paterson & Dowding Family Lawyers	Law firm data breach	Screen
2025-10-17	Aussie Fluid Power	An Australian engineering leader has fallen victim to a cyberattack causing a data breach.	Screen
2025-10-11	Maine Oxy	Financial data breach	Screen
2025-10-10	Den Hartogh Logistics	Data leak at one of the world's leading logistics service providers	Screen
2025-10-07	One law firm in Canada	It seems they have decided to play silent.	Screen
2025-10-01	DRL Group	Customer data leak	Screen
2025-09-30	Storage King	Major personal data leak	Screen
2025-09-26	DRL group	Customer data leak	Screen
2025-09-19	Alan Shintani, Inc	Photos and blueprints of government facilities.	Screen
2025-09-02	GCC of America, inc.	Data breach at one of the largest cement and concrete producers in North America.	Screen
2025-08-28	TRAF Industrial Products Inc	Data breach at an aerospace and defense contractor.	Screen
2025-08-15	Grand Rapids Controls	The 150 GB leak involves confidential documents and NDA agreements with companies such as Ford, Bentley, Lear, and others.	Screen
2025-08-14	Advanced HPC	Leakage of internal documents at a company engaged in the development and implementation of HPC systems for science and defence.	Screen
2025-06-20	Disneyland Paris	Confidential Disneyland documents.	Screen
2025-06-11	Parkway Construction LLC	Blueprints of L3Harris, General Atomics and Virgin Galactic.	Screen
2025-04-23	Two Kings Casino Resort	Leaked ultra-detailed blueprints of a casino that plans a grand opening in 2026.	Screen
2025-04-01	DG2 Design	Blueprints of M1 Bank, Mastercard and so on.	Screen
2025-03-20	Ambleside	Breach of personal data of patients, company employees, and dozens of incidents, including Patient abuse.	Screen
2025-02-25	Pound Road Medical Centre		Screen
2025-02-25	Summit Home Health, INC.		Screen
2025-02-25	Comercializadora S&E Perú		Screen
2025-02-25	First Defense Fire Protection		Screen