Anubis
Parsing : Enabled
Known to be a RaaS
Known to use a Captcha to block crawling.
Description
Anubis is a financially motivated cybercrime group primarily known for its banking trojan operations but also linked to ransomware activity targeting corporate networks. First identified in 2016 and evolving over time, Anubis ransomware attacks have targeted Windows systems, often deployed after initial compromises by the Anubis banking malware or other access vectors such as phishing, malicious email attachments, or exploitation of unpatched vulnerabilities. The group’s ransomware encrypts files using strong symmetric encryption algorithms, appending distinctive extensions and delivering ransom notes with payment instructions via Tor. Anubis has targeted multiple sectors worldwide, including finance, retail, and government, often combining ransomware with credential theft and data exfiltration to maximize pressure on victims. Its infrastructure and tactics overlap with other financially motivated actors, suggesting possible affiliate or shared tool usage within broader cybercriminal ecosystems.
External Analysis
https://www.bleepingcomputer.com/news/security/anubis-banking-trojan-targets-android-users
https://www.sentinelone.com/blog/anubis-android-banking-trojan-analysis
https://www.trendmicro.com/en_us/research/19/j/anubis-malware-family-returns-with-new-variants.html
https://blog.cyble.com/2023/06/14/anubis-banking-trojan-targets-multiple-countries
https://www.cisa.gov/news-events/analysis-reports/ar22-187a
Other
https://x.com/Anubis__media
https://xss.is/members/400498/
Urls
http://om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion/
Posts
| Date | Title | Description |
| --- | --- | --- |
| 2025-08-15 | Grand Rapids Controls | The 150 GB leak involves confidential documents and NDA agreements with companies such as Ford, Bentley, Lear, and others. |
| 2025-08-14 | Advanced HPC | Leakage of internal documents at a company engaged in the development and implementation of HPC systems for science and defence. |
| 2025-06-20 | Disneyland Paris | Confidential Disneyland documents. |
| 2025-06-11 | Parkway Construction LLC | Blueprints of L3Harris, General Atomics and Virgin Galactic. |
| 2025-04-23 | Two Kings Casino Resort | Leaked ultra-detailed blueprints of a casino that plans a grand opening in 2026. |
| 2025-04-01 | DG2 Design | Blueprints of M1 Bank, Mastercard and so on. |
| 2025-03-20 | Ambleside | Breach of personal data of patients, company employees, and dozens of incidents, including patient abuse. |
| 2025-02-25 | Pound Road Medical Centre | |
| 2025-02-25 | Summit Home Health, INC. | |
| 2025-02-25 | Comercializadora S&E Perú | |
| 2025-02-25 | First Defense Fire Protection | |