Alias Description | Votes |
---|---|
Faust is a possible alias for Phobos. Faust is a newly discovered variant of the Phobos ransomware, an evolution of the Dharma/Crysis ransomware. It shares similar Tactics, Techniques, and Procedures (TTPs) with other variants such as Elking, Eight, Devos, and Backmydata, indicating a likely connection between them. Researchers from For | 6 |
Backmydata is a possible alias for Phobos. Backmydata is a variant of the Phobos ransomware family, a malicious software (malware) designed to exploit and damage computer systems. It has been used in sophisticated cyber-attacks on healthcare entities, notably hospitals. The landscape of such attacks is evolving, with groups like RansomHouse, | 5 |
Devos is a possible alias for Phobos. Devos is a variant of Phobos ransomware, a type of malware that infects systems and holds data hostage for ransom. It is closely linked to other variants such as Elking, Eight, Backmydata, and Faust ransomware due to similar Tactics, Techniques, and Procedures (TTPs) observed in their intrusions. Op | 4 |
Elking is a possible alias for Phobos. Elking is a type of malware, specifically a variant of the Phobos ransomware. Malware is a harmful program designed to exploit and damage computer systems, often infiltrating them via suspicious downloads, emails, or websites. Once inside a system, it can steal personal information, disrupt operatio | 3 |
8base is a possible alias for Phobos. 8base, a significant threat actor in the cybersecurity landscape, has been active between April 2022 and May 2023. This group, while not new, has recently increased its visibility with the activation of a public leak site used to pressure victims into paying ransoms. In the last month alone, 8base o | 3 |
Eking is a possible alias for Phobos. Eking is a malware, specifically a variant of the Phobos ransomware family. Malware, or malicious software, is designed to infiltrate and damage computers without the users' consent. Eking can infect systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once insid | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Smokeloader Malware is associated with Phobos. SmokeLoader is a malicious software (malware) used by threat actors to infect systems and exfiltrate data. It operates in conjunction with other open-source tools like Cobalt Strike and Bloodhound, but most notably with Phobos ransomware. Threat actors often use SmokeLoader as a hidden payload in sp | Unspecified | 5 |
The Lockbit Malware is associated with Phobos. LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It typically enters through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or hold data hostage for | Unspecified | 3 |
The WannaCry Malware is associated with Phobos. WannaCry is a type of malware, specifically ransomware, that had one of the most significant impacts in recent cyber history. It first appeared in May 2017 and was known as the largest ransomware attack at the time. The malicious software exploited vulnerabilities in Windows systems (CVE-2017-0144, | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Alphv Threat Actor is associated with Phobos. AlphV, also known as BlackCat, is a notorious threat actor that has been active since November 2021. This group pioneered the public leaks business model and has been associated with various ransomware families, including Akira, LockBit, Play, and Basta. AlphV gained significant attention for its la | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
BankInfoSecurity | 22 days ago | ||
Securityaffairs | 2 months ago | ||
Securityaffairs | 3 months ago | ||
CERT-EU | 8 months ago | ||
Securityaffairs | 3 months ago | ||
Securityaffairs | 3 months ago | ||
Securityaffairs | 3 months ago | ||
InfoSecurity-magazine | 3 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
Securelist | 5 months ago | ||
Securelist | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
BankInfoSecurity | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 7 months ago |