Derp.ca

Phobos

MalwareBytes states that Phobos is one of the ransomware families that are distributed via hacked Remote Desktop (RDP) connections. This isn't surprising, as hacked RDP servers are a cheap commodity on the underground market, and can make for an attractive and cost efficient dissemination vector for threat groups.

Last 7 days

Mar 30, 2026
C2 Hosts: 1

Further Reading

Ransomware Damage Recovery|National Police Agency
npa.go.jp
FORCE Ransomware
pcrisk.com
Cyber threat advisory | Phobos ransomware launches new leak site and pivots towards double extortion

In April 2024, S-RM’s Cyber Threat Intelligence team identified a Faust operator, an affiliate of the Phobos Ransomware-as-a-service group, utilising a new leak site, titled ‘Space Bears’, to extor...

s-rminform.com
Atac cibernetic cu aplicația ransomware PHOBOS

SRI, în cooperare cu CERT-RO și Spitalul Clinic Nr.1 CF Witting din București, a investigat un atac cibernetic cu aplicația ransomware PHOBOS care a vizat serverele entității din domeniul sănătății.

sri.ro
Phobos: Stealthy Ransomware That Operated Under the Radar - Until Now

On November 18th, the US Justice Department unsealed criminal charges against a Russian national for allegedly administering the sale, distribution, and operation of Phobos ransomware. Phobos is co...

trellix.com