Anubis Backdoor - Threat Group Cards: A Threat Actor
Encyclopedia
Archived: 2026-04-05 17:45:08 UTC
Home > List all groups > List all tools > List all groups using tool Anubis Backdoor
 Tool: Anubis Backdoor
Names Anubis Backdoor
Category Malware
Type Backdoor
Description
(The Hacker News) The financially motivated threat actor known as FIN7 has been linked to a
Python-based backdoor called Anubis (not to be confused with an Android banking trojan of
the same name) that can grant them remote access to compromised Windows systems.
'This malware allows attackers to execute remote shell commands and other system
operations, giving them full control over an infected machine,' Swiss cybersecurity company
PRODAFT said in a technical report of the malware.
Information <https://thehackernews.com/2025/04/fin7-deploys-anubis-backdoor-to-hijack.html>
Last change to this tool card: 21 April 2025
Download this tool card in JSON format
All groups using tool Anubis Backdoor
Changed Name Country Observed
APT groups
  FIN7 2013-Jul 2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=8283dd8a-538a-463b-89b2-528f6885a386
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=8283dd8a-538a-463b-89b2-528f6885a386
Page 1 of 1