🕵
Anubis Changes the Game: RaaS + Blackmail-as-a-Subscription
A new affiliate program called "Anubis" has surfaced on the dark web, introducing an expanded Ransomware-as-a-Service (RaaS) model. Unlike traditional ransomware schemes, Anubis operates under a unique "Data Ransom" approach, where the focus isn’t on malware deployment but on the extortion process itself.
The program’s operator, known as superSonic, offers a division of labor: hackers steal sensitive data and hand it over to the Anubis team, which takes full control of the extortion phase. Their pressure tactics include notifying business partners, regulatory bodies, and exposing victims via social media. Profits are split 60/40 in favor of the hacker.
Cybersecurity analysts believe Anubis is an evolution of the InvaderX program, as both share a rare ECIES encryption algorithm and enforce a ban on attacks targeting BRICS nations. The first affiliates have already begun operations—at the time of analysis, data leaks from four companies across the U.S., Australia, and Peru had been published.
Anubis Changes the Game: RaaS + Blackmail-as-a-Subscription A new affiliate program called "Anubis" has surfaced on the dark web, introducing an expanded Ransomware-as-a-Service (RaaS) model. Unlike traditional ransomware schemes, Anubis operates under a unique "Data Ransom" approach, where the focus isn’t on malware deployment but on the extortion process itself. The program’s operator, known as superSonic, offers a division of labor: hackers steal sensitive data and hand it over to the Anubis team, which takes full control of the extortion phase. Their pressure tactics include notifying business partners, regulatory bodies, and exposing victims via social media. Profits are split 60/40 in favor of the hacker. Cybersecurity analysts believe Anubis is an evolution of the InvaderX program, as both share a rare ECIES encryption algorithm and enforce a ban on attacks targeting BRICS nations. The first affiliates have already begun operations—at the time of analysis, data leaks from four companies across the U.S., Australia, and Peru had been published.