Anubis Ransomware: Double Threat of Encryption and File Wiping

TL;DR

• Anubis ransomware is a new threat that both encrypts and wipes files, ensuring data cannot be recovered even if the ransom is paid.
• This dual-threat capability makes Anubis a particularly dangerous form of ransomware, as it renders data recovery efforts futile.
• Cybersecurity experts warn about the increasing sophistication of ransomware attacks and the need for robust prevention measures.

Anubis Ransomware: A Dual Threat

A newly discovered ransomware strain, Anubis, has emerged with the alarming capability to both encrypt and permanently erase files. This dual functionality has been described as a “rare dual-threat” by cybersecurity experts. The ransomware features a ‘wipe mode’ that ensures files are irrecoverably deleted, making data restoration impossible even if victims pay the ransom¹.

Understanding the Threat

Researchers at Trend Micro, including Maristel Policarpio and Sarah Pearl Camiling, have warned that Anubis poses a significant risk due to its unique ability to wipe files. Traditional ransomware typically encrypts data and demands payment in exchange for the decryption key. However, Anubis goes a step further by ensuring that even after payment, the data remains unrecoverable¹.

Key Features of Anubis Ransomware

• Encryption: Anubis encrypts files using a sophisticated algorithm, rendering them inaccessible without the decryption key.
• Wipe Mode: The ransomware can activate a ‘wipe mode’ that permanently deletes files, ensuring that data recovery is impossible.
• Payment Futility: Even if victims pay the ransom, the data remains unrecoverable due to the wiping process.

Implications for Cybersecurity

The emergence of Anubis highlights the evolving nature of ransomware threats. Cybersecurity professionals must adapt to these new challenges by implementing robust prevention and detection measures. Organizations should focus on regular backups, employee training, and advanced threat detection systems to mitigate the risks posed by such sophisticated attacks¹.

Conclusion

Anubis ransomware represents a significant advancement in cyber threats, combining encryption with file wiping to create a devastating impact. As ransomware continues to evolve, it is crucial for organizations to stay vigilant and proactive in their cybersecurity strategies. By understanding and preparing for these new threats, businesses can better protect their data and minimize the risk of catastrophic data loss.

For more details, visit the full article: source.

References

1. (2025). “Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment”. The Hacker News. Retrieved 2025-06-16. ↩︎ ↩︎² ↩︎³