Phobos Ransomware Creates Massive Security Exploit

There is a new, powerful strain of ransomware making the rounds. While we don’t have all the details yet, the effects on victims are grim. This nasty piece of work is called Phobos and first appeared in December 2018.

Researchers at CoveWare have been dissecting and sifting through the code. They are finding a number of similarities with the Dharma strain of ransomware, which has plagued businesses around the world in recent years.

It would be a mistake, however, to call it a Dharma clone. Phobos also contains elements of the CrySiS ransomware. While CrySiS is itself a relative of Dharma, Phobos deserves recognition as its own variant, as it combines features and functionality in a new way.

At the end of the day, though, it still spells bad news for business owners. Anyone unfortunate enough to have their system infected by the malware will find all their files encrypted and the file extensions changed to Phobos, and will receive a popup message demanding payment in Bitcoin to get their files back.

Phobos Ransomware Costs

While Phobos ransomware payments are lower than average, the time to a full recovery is much longer than for other attacks because of the complicated nature of the decryption tool provided by the hackers.

Average Length of Phobos Incident

The amount of time from reporting to full data recovery of a Phobos Ransomware incident.

Stop Any Breach with One Tool

As always, a good defense is the best offense. Realtime Security collects live, accurate data from thousands of devices in under 10 seconds, then instantly detects running .exes, malware or viruses and kills those processes before they spread.