Skip to main content

Phobos Ransomware Creates Massive Security Exploit

By February 13, 2019November 16th, 2022No Comments

Phobos Ransomware Creates Massive Security Exploit

Phobos is a new strain of ransomware that affects victims for longer, harming company productivity.

There is a new, powerful strain of ransomware making the rounds. While we don’t have all the details yet, the effects on victims is grim. This nasty piece of work is called Phobos and first appeared in December 2018.

Researchers at CoveWare have been dissecting and sifting through the code. They are finding a number of similarities with the Dharma strain of ransomware, which has plagued businesses around the world in recent years.

It would be a mistake, however, to call it a Dharma clone. Phobos also contains elements of the CrySiS ransomware. While CrySiS is itself a relative of Dharma, Phobos deserves recognition as its own variant, as it combines features and functionality in a new way.

At the end of the day though, it still spells bad news for business owners. Anyone unfortunate enough to have their system infected by the malware will find all their files encrypted, their extensions changed to Phobos, and will receive a popup message demanding payment in Bitcoin to get their files back.

Phobos Ransomware Costs

Phobos Ransomware Average Ransom vs. Ransomware Marketplace

While the Phobos ransomware payments are lower than average, the length of time to a full recovery is much longer than other attacks due to the complicated nature of the decryption tool provided by hackers.

Average Length of Phobos Incident

The amount of time from reporting to full data recovery of a Phobos Ransomware incident.

Stop Any Breach with One Tool

As always, a good defense is the best offense. Realtime Security collects live, accurate data from thousands of devices in under 10 seconds then instantly detects running .exes, malware or viruses and kill those processes before they spread.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo