8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

To carry out their financially motivated attacks, the threat actors behind the 8Base ransomware are using a Phobos ransomware variant. The information is derived from Cisco Talos, which has observed a rise in the activity of cybercriminals.

In a thorough two-part analysis released on Friday, security researcher Guilherme Venere stated that SmokeLoader, a backdoor trojan, is responsible for spreading the majority of the group’s Phobos variants.

When deployed, this commodity loader usually downloads or drops more payloads. However, in 8Base campaigns, the ransomware component is embedded in the encrypted payloads read more 8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *