In-Depth Analysis of Phobos Ransomware
In-Depth Analysis of Phobos Ransomware
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
Phobos ransomware, active since 2018, primarily targets small to medium-sized businesses with lower ransom demands. It uses compromised RDP connections, is distributed via a Ransomware as a Service model, and has recently adopted DLL sideloading for stealthy attacks.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.