Live Latest activity →
AN

anubis

Known ransomware group ACTIVE
Currently active

Anubis is a ransomware operation that emerged in 2024–2025 offering affiliates both traditional encryption and a data-extortion-only option, alongside an access-monetization scheme. It runs a double-extortion leak site.

7

Total Claims

4

Critical

Records Claimed

6

Industries Hit

Active span: Apr 21, 2026 – Jun 3, 2026 · 7 organizations targeted

Currently active
Activity 5.6 Severity 7.9 Sectors 6.5 Tooling 0.0

Actor Threat Profile

Activity Timeline

Peak: Apr 2026 (4)
Apr 2026
LessMore
Jun 2026

Share this profile

Shareable intel card for anubis

Top Targeted Industries

Healthcare 2
Energy 1
Financial Services 1
Manufacturing 1
Business Services 1
Transportation/Logistics 1

Tradecraft & Infrastructure

0

Documented tools

0 / 0

MITRE tactics / techniques

1

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

Singing River Health SystemEXCEED EnergyColorado Dental Wellness CenterMarnell Financial ServicesTractialSamuel I. White, PCViaQuest

Claims by anubis

Critical

Ransomware Claim: Singing River Health System

Singing River Health System
anubis
Ransomware Healthcare
Jun 4, 2026
Critical

Ransomware Claim: EXCEED Energy

EXCEED Energy
anubis
Ransomware Energy
May 28, 2026
Critical

Ransomware Claim: Colorado Dental Wellness Center

Colorado Dental Wellness Center
anubis
Ransomware Healthcare
May 1, 2026
Critical

Ransomware Claim: Marnell Financial Services

Marnell Financial Services
anubis
Ransomware Financial Services
Apr 23, 2026
Medium

Ransomware Claim: Tractial

Tractial
anubis
Ransomware Manufacturing
Apr 23, 2026
Medium

Ransomware Claim: Samuel I. White, PC

Samuel I. White, PC
anubis
Ransomware Business Services
Apr 21, 2026
Medium

Ransomware Claim: ViaQuest

ViaQuest
anubis
Ransomware Transportation/Logistics
Apr 21, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.