Webinar: Enabling a 360° View of Your Likely Threats & Security Posture - Watch On-demand Webinar Now!

In-Depth Analysis of Phobos Ransomware

Threat Advisories

In-Depth Analysis of Phobos Ransomware

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here


Phobos ransomware, active since 2018, primarily targets small to medium-sized businesses with lower ransom demands. It uses compromised RDP connections, is distributed via a Ransomware as a Service model, and has recently adopted DLL sideloading for stealthy attacks.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Sign up to receive our Weekly Threat Digest