Cybersecurity & InfoSec

🚨 They’re back. Russian threat group FIN7 is using Anubis—a lightweight Python backdoor that grants full remote access to Windows machines without leaving detectable files.

It runs entirely in memory, evades most defenses, and can steal passwords, take screenshots, and exfiltrate data—all masked with Base64 and hosted on compromised SharePoint sites.

🔗 Full analysis:

🚨 They’re back. Russian threat group FIN7 is using Anubis—a lightweight Python backdoor that grants full remote access to Windows machines without leaving detectable files.

It runs entirely in memory, evades most defenses, and can steal passwords, take screenshots, and exfiltrate data—all masked with Base64 and hosted on compromised SharePoint sites.

🔗 Full analysis: https://thehackernews.com/2025/04/fin7-deploys-anubis-backdoor-to-hijack.html