Inside “Phobos” Ransomware: “Dharma” Past & Underground

Bridgit Sullivan writes:

Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase. It is an offline file-encoding virus that targets Windows operating systems. Phobos is offered as a Ransomware-as-a-Service (RaaS) package on the top-tier Eastern European forums. Phobos is an increasingly dangerous and credible ransomware threat that usually targets business and occasionally customers.

Read more on AdvIntel.

About the author: Dissent

Comments are closed.