Anubis Ransomware Group

Also known as: Anubis Ransomware Group

Anubis is a ransomware group that emerged in late 2024, known for using double extortion tactics and operating as a ransomware-as-a-service (RaaS). They employ various monetization models, including data ransomware and access monetization affiliate programs. The group is suspected to have former affiliates of other ransomware groups and is active on cybercrime forums like RAMP and XSS.[Kelacyber February 25 2025]

Introduction

Anubis is a ransomware group that emerged in late 2024, known for using double extortion tactics and operating as a ransomware-as-a-service (RaaS). They employ various monetization models, including data ransomware and access monetization affiliate programs. The group is suspected to have former affiliates of other ransomware groups and is active on cybercrime forums like RAMP and XSS.[Kelacyber February 25 2025]

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • CyberGate:
  • Cyber Eye RAT:

Attribution and Evidence

Information pending cataloguing.

References

[1] [Kelacyber February 25 2025