The Anubis ransomware group, known for its data encryption and extortion tactics, has added a file-wiping feature to its malware. This unusual move, which goes against the typical ransomware business model, raises questions about the group’s motives and potential connections to nation-state actors. The wiper capability, coupled with the group’s data exfiltration and public release threats, suggests a possible expansion of Anubis’ customer base to include hacking teams seeking to disguise disruptive efforts as criminal activity.