Anubi: new ransomware that attacks windows

Ransomware attacks are becoming commonplace this year. The most dangerous has been WannaCry so far, although new ransomware continues to emerge. Today is the turn of a new one that affects Windows users. This is Anubi.

Anubi: New ransomware that attacks Windows

Several security experts have already spotted Anubi online. Its operation is identical to that of other existing ransomware. It is dedicated to encrypting the files on the victim's computer. The quick way to detect it is through a new extension that the files obtain. This extension is.anubi. Something that makes it easy to detect the presence of ransomware.

How Anubi works

The first thing Anubi does when it is installed on the computer is to achieve persistence in the system, that is, it runs every time the computer is turned on. It does this by making modifications to the Windows registry. It does this to check each time whether it can encrypt more files. It occurs in both external and removable drives. Generally the threat usually comes in the form of a file called __READ_ME __. Txt.

In this file the user can find information about the infection, in addition to obtaining information about what to do to pay for and recover their files. Although security experts advise against paying this amount. Although, Anubi is not so dangerous, since the encryption of the files is very slow. So it can be detected in time.

It is best to back up or perform a system restore to avoid this threat. Anubi is undoubtedly a threat to Windows users, but among the ransomware that we have seen this year, it is among the most moderate.