Anubis: The New Mobile Malware You Need to Know

Mobile malware is increasing at a frightening pace – and yet most mobile users do almost nothing to protect their devices against attack. One of the simplest things to keep yourself and your devices safe is to learn about some of the biggest digital threats, taking the appropriate steps to achieve effective security. In 2023, perhaps the most threatening malware targeting mobile devices is called Anubis – and here’s what every mobile user should know about it.

Anubis Is a RAT

In Ancient Egypt, Anubis was the imposing jackal-headed god of the underworld, but in 2023, Anubis is known as a RAT, or a remote-access Trojan. This type of malware secretes itself onto devices, downloading and installing without detection, extending administrative privileges to attackers so they may view a user’s files and make changes to their device without a user’s knowledge or permission.

Like other RATs, Anubis has many diverse methods for delivery onto a victim’s device. Most often, Anubis is distributed via malicious websites, many of which claim to be associated with legitimate websites and promote the download of a file supposed to help web users in some key way but actually only infects them with malware. Anubis has also been discovered in phishing messages sent via email or social media as well as within malicious applications in the Google Play Store.

anubis mobile malware. Image by Gerd Altmann from Pixabay
Anubis mobile malware. Image by Gerd Altmann from Pixabay

Anubis Is Open-source

While many threat actors carefully control their latest and greatest malware, expecting to benefit greatly from its deployment, Anubis is available to any would-be cybercriminal who knows how to use it. The source code for Anubis is freely found all over the dark web, so hackers the world over can use it or modify it to suit their needs.

Already, RATs offer attackers a lot of flexibility with how they infiltrate devices and what they can do once the malware is installed. Cybercrime gangs have utilized the wide range of functionality they gain through Anubis to achieve devastation in diverse ways, such as:

Credential theft. Most often, Anubis abuses accessibility services to capture a user’s banking login credentials, which attackers then use to drain a user’s checking and savings accounts.

SMS interception. Attackers can read and send SMS messages through Anubis. Not only does this open another avenue for the collection of sensitive information and dispersal of malware, but it also means that attackers can take control of multi-factor authentication attempts used by banks and other institutions for enhanced security.

Keylogging. A relatively rudimentary attack but an effective one nonetheless, keylogging involves recording a user’s keystrokes. This is often used to capture more passwords and other sensitive data.

Audio recording. Anubis gives attackers control of a mobile device’s microphone, which means attackers can listen to victims’ conversations. This can be used to collect sensitive information for extortion, and it is undeniably frightening to most mobile users.

Screen capture. Attackers can use Anubis to take screenshots, which may be useful when users are displaying useful information in other applications.

Location tracking. Mobile phones track users’ locations using GPS, and attackers can find and use this information to understand more about their victims.

Ransomware. Some Anubis variants can lock mobile devices, denying users access until they complete a certain task as outlined in the ransom note – usually making some kind of payment to attackers.

Anubis Can Be Avoided

RATs are notoriously difficult for security programs to detect, both before they are installed and afterwards. And, unlike other forms of malware, RATs remain dangerous even after the original malware has been removed from a victim’s device because attackers usually take advantage of their administrative power to give themselves permanent backdoors. Thus, it is most important for mobile device users to maintain safe habits that are unlikely to put them in contact with Anubis or other mobile malware like it.

First, a mobile security solution from a trusted cyber security provider goes a long way toward guiding users safely around the web. Users can link their mobile security app to a more comprehensive security solution on all their devices to keep their entire network safe from attack.

Next, users should learn to recognize the signs of malicious links and apps. Strange spelling or grammar, odd graphics and poor reviews are all signs that users should not interact with a certain entity or they will risk downloading malware onto their device. It is also wise to stay away from third-party app stores; though Anubis has been found in Google Play, as a whole the store much more reliably identifies and removes malicious programs than other stores around the web.

Anubis is among the most threatening mobile malwares online today, but the more you know about it, the better equipped you can become to avoid it. Fortunately, the tools and tactics used to thwart Anubis will also come in handy for other mobile malware into the future.

Alan Gray
Alan Gray is the Publisher and Editor-in-Chief of NewsBlaze Daily News and other online newspapers. He prefers to edit, rather than write, but sometimes an issue rears it's head and makes him start hammering away on the keyboard.

Content Expertise

Alan has been on the internet since it first started. He loves to use his expertise in content and digital marketing to help businesses grow, through managed content services. After living in the United States for 15 years, he is now in South Australia. To learn more about how Alan can help you with content marketing and managed content services, contact him by email.

Technical Expertise

Alan is also a techie. His father was a British soldier in the 4th Indian Division in WWII, with Sikhs and Gurkhas. He was a sergeant in signals and after that, he was a printer who typeset magazines and books on his linotype machine. Those skills were passed on to Alan and his brothers, who all worked for Telecom Australia, on more advanced signals (communications). After studying electronics, communications, and computing at college, and building and repairing all kinds of electronics, Alan switched to programming and team building and management.He has a fascination with shooting video footage and video editing, so watch out if he points his Canon 7d in your direction.