Phobos Ransomware Expands with New FAUST Variant

Feb 1, 2024

FortiGuard Labs exposed a fresh attack vector involving the FAUST ransomware, a Phobos variant. The attackers employed a Visual Basic script in an Office document to propagate FAUST. They utilized the Gitea service to store encoded files. The ransomware employs advanced evasion tactics, adds persistence, and carries an exclusion list. 

Get Free Report & Network Analysis

Please check your email for the free report.