FAUST: A Phobos Ransomware Variant Launches Fileless Attack

Summary:

FAUST ransomware, a variant of the Phobos family, exhibiting intricate deployment stages, from decoding Base64 data to injecting shellcode. Notably, it employs a fileless attack through an Office document with a VBA script, emphasizing the need for user caution with document files from untrusted sources.

Threat Level – Red | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.