A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while completely evading detection by most antivirus solutions. Developed by the notorious threat group Savage Ladybug (also known as FIN7), this malware combines simplicity with effectiveness through mild obfuscation techniques, allowing attackers to maintain persistent access to infected systems without raising security alerts.

New Malware Alert: Savage Ladybug (FIN7) has recently developed AnubisBackdoor, a simple yet effective Python-based backdoor with mild obfuscation, fully undetected (FUD) by most AV solutions.

When users interact with these malicious elements, the AnubisBackdoor is installed on their systems, establishing persistence mechanisms and communication channels with command and control servers operated by the attackers. The malicious software enables attackers to execute commands remotely, exfiltrate sensitive data, and further compromise systems across an organization’s network infrastructure.

PRODAFT’s researchers identified that the malware’s effectiveness stems from its carefully designed obfuscation techniques, which have proven remarkably successful at bypassing even sophisticated security solutions. The malware’s ability to operate below the detection threshold of most security tools makes it particularly dangerous in today’s threat landscape.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 12 Mar 2025 12:20:17 +0000