www.lepide.com
Open in
urlscan Pro
69.16.250.76
Public Scan
Submitted URL: https://www.lepide.com/blog/what-is-phobos-ransomware/#:~:text=Conclusion
Effective URL: https://www.lepide.com/blog/what-is-phobos-ransomware/
Submission: On June 07 via api from DE — Scanned from DE
Effective URL: https://www.lepide.com/blog/what-is-phobos-ransomware/
Submission: On June 07 via api from DE — Scanned from DE
Form analysis 3 forms found in the DOM
Name: nucleus — GET https://www.lepide.com/blog
<form role="search" method="get" action="https://www.lepide.com/blog" name="nucleus">
<div class="input-wrappersrch"><input id="searchfocus" value="" placeholder="search the blog" class="rounded-left searchbox-inp" name="s">
<button type="submit" class="sub-btn-srch"><span class="searchall"></span></button>
</div>
</form>POST https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21121310/65500bfe-2d87-4682-9f65-e148c7a2bcc6
<form id="hsForm_65500bfe-2d87-4682-9f65-e148c7a2bcc6" method="POST" accept-charset="UTF-8" enctype="multipart/form-data" novalidate=""
action="https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21121310/65500bfe-2d87-4682-9f65-e148c7a2bcc6"
class="hs-form-private hsForm_65500bfe-2d87-4682-9f65-e148c7a2bcc6 hs-form-65500bfe-2d87-4682-9f65-e148c7a2bcc6 hs-form-65500bfe-2d87-4682-9f65-e148c7a2bcc6_94631677-c081-4ea7-8f3f-3dec9de8fcae blogwhitepaperlead hs-form"
target="target_iframe_65500bfe-2d87-4682-9f65-e148c7a2bcc6" data-instance-id="94631677-c081-4ea7-8f3f-3dec9de8fcae" data-form-id="65500bfe-2d87-4682-9f65-e148c7a2bcc6" data-portal-id="21121310">
<fieldset class="form-columns-0">
<div class="hs-richtext hs-main-font-element">
<div class="formheadingtitle">Get the free <span style="font-weight: bold;">COMPLETE GUIDE TO RANSOMWARE</span></div>
</div>
</fieldset>
<fieldset class="form-columns-2">
<div class="hs_firstname hs-firstname hs-fieldtype-text field hs-form-field"><label id="label-firstname-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your First Name"
for="firstname-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>First Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="firstname-65500bfe-2d87-4682-9f65-e148c7a2bcc6" name="firstname" required="" placeholder="First Name *" type="text" class="hs-input" inputmode="text" autocomplete="given-name" value=""></div>
</div>
<div class="hs_lastname hs-lastname hs-fieldtype-text field hs-form-field"><label id="label-lastname-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Last Name" for="lastname-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Last
Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="lastname-65500bfe-2d87-4682-9f65-e148c7a2bcc6" name="lastname" required="" placeholder="Last Name *" type="text" class="hs-input" inputmode="text" autocomplete="family-name" value=""></div>
</div>
</fieldset>
<fieldset class="form-columns-2">
<div class="hs_email hs-email hs-fieldtype-text field hs-form-field"><label id="label-email-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Business Email" for="email-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Business
Email</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="email-65500bfe-2d87-4682-9f65-e148c7a2bcc6" name="email" required="" placeholder="Business Email *" type="email" class="hs-input" inputmode="email" autocomplete="email" value=""></div>
</div>
<div class="hs_phone hs-phone hs-fieldtype-text field hs-form-field"><label id="label-phone-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Phone" for="phone-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Phone</span><span
class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="phone-65500bfe-2d87-4682-9f65-e148c7a2bcc6" name="phone" required="" placeholder="Phone *" type="tel" class="hs-input" inputmode="tel" autocomplete="tel" value=""></div>
</div>
</fieldset>
<fieldset class="form-columns-2">
<div class="hs_company hs-company hs-fieldtype-text field hs-form-field"><label id="label-company-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Company Name"
for="company-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Company Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="company-65500bfe-2d87-4682-9f65-e148c7a2bcc6" name="company" required="" placeholder="Company Name *" type="text" class="hs-input" inputmode="text" autocomplete="organization" value=""></div>
</div>
<div class="hs_company_size__c hs-company_size__c hs-fieldtype-select field hs-form-field"><label id="label-company_size__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Company size"
for="company_size__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Company size</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><select id="company_size__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6" required="" class="hs-input is-placeholder" name="company_size__c">
<option disabled="" value="">Company size *</option>
<option value="1-250">1-250</option>
<option value="251-500">251-500</option>
<option value="501-1,000">501-1,000</option>
<option value="1,001-2,500">1,001-2,500</option>
<option value="2,501-10,000">2,501-10,000</option>
<option value="10,000+">10,000+</option>
</select></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs-dependent-field">
<div class="hs_countrys hs-countrys hs-fieldtype-select field hs-form-field"><label id="label-countrys-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Country"
for="countrys-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Country</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><select id="countrys-65500bfe-2d87-4682-9f65-e148c7a2bcc6" required="" class="hs-input is-placeholder" name="countrys">
<option disabled="" value="">Country *</option>
<option value="Afghanistan">Afghanistan</option>
<option value="Albania">Albania</option>
<option value="Algeria">Algeria</option>
<option value="American Samoa">American Samoa</option>
<option value="Andorra">Andorra</option>
<option value="Angola">Angola</option>
<option value="Anguilla">Anguilla</option>
<option value="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="Argentina">Argentina</option>
<option value="Armenia">Armenia</option>
<option value="Aruba">Aruba</option>
<option value="Australia">Australia</option>
<option value="Austria">Austria</option>
<option value="Azerbaijan">Azerbaijan</option>
<option value="Bahamas">Bahamas</option>
<option value="Bahrain">Bahrain</option>
<option value="Bangladesh">Bangladesh</option>
<option value="Barbados">Barbados</option>
<option value="Belarus">Belarus</option>
<option value="Belgium">Belgium</option>
<option value="Belize">Belize</option>
<option value="Benin">Benin</option>
<option value="Bermuda">Bermuda</option>
<option value="Bhutan">Bhutan</option>
<option value="Bolivia">Bolivia</option>
<option value="Bosnia">Bosnia</option>
<option value="Botswana">Botswana</option>
<option value="Bouvet Island">Bouvet Island</option>
<option value="Brazil">Brazil</option>
<option value="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="British Virgin Islands">British Virgin Islands</option>
<option value="Brunei">Brunei</option>
<option value="Bulgaria">Bulgaria</option>
<option value="Burkina Faso">Burkina Faso</option>
<option value="Burundi">Burundi</option>
<option value="Cambodia">Cambodia</option>
<option value="Cameroon">Cameroon</option>
<option value="Canada">Canada</option>
<option value="Cape Verde">Cape Verde</option>
<option value="Cayman Islands">Cayman Islands</option>
<option value="Central African">Central African Republic</option>
<option value="Chad">Chad</option>
<option value="Chile">Chile</option>
<option value="China">China</option>
<option value="Christmas Island">Christmas Island</option>
<option value="Cocos (Keeling) Islands">Cocos Islands</option>
<option value="Colombia">Colombia</option>
<option value="Comoros">Comoros</option>
<option value="Congo">Congo</option>
<option value="Cook Islands">Cook Islands</option>
<option value="Costa Rica">Costa Rica</option>
<option value="Cote d'Ivoire">Cote d'Ivoire</option>
<option value="Croatia">Croatia</option>
<option value="Cuba">Cuba</option>
<option value="Curaçao">Curaçao</option>
<option value="Cyprus">Cyprus</option>
<option value="Czech Republic">Czech Republic</option>
<option value="Dem Rep Congo">Democratic Republic of the Congo</option>
<option value="Denmark">Denmark</option>
<option value="Djibouti">Djibouti</option>
<option value="Dominica">Dominica</option>
<option value="Dominican Republic">Dominican Republic</option>
<option value="East Timor">East Timor</option>
<option value="Ecuador">Ecuador</option>
<option value="Egypt">Egypt</option>
<option value="El Salvador">El Salvador</option>
<option value="Equatorial Guinea">Equatorial Guinea</option>
<option value="Eritrea">Eritrea</option>
<option value="Estonia">Estonia</option>
<option value="Ethiopia">Ethiopia</option>
<option value="Falkland Islands">Falkland Islands (Malvinas)</option>
<option value="Faroe Islands">Faroe Islands</option>
<option value="Fiji">Fiji</option>
<option value="Finland">Finland</option>
<option value="France">France</option>
<option value="French Guiana">French Guiana</option>
<option value="French Polynesia">French Polynesia</option>
<option value="French Southern and Antarctic Lands">French Southern Territories</option>
<option value="Gabon">Gabon</option>
<option value="Gambia">Gambia</option>
<option value="Georgia">Georgia</option>
<option value="Germany">Germany</option>
<option value="Ghana">Ghana</option>
<option value="Gibraltar">Gibraltar</option>
<option value="Greece">Greece</option>
<option value="Greenland">Greenland</option>
<option value="Grenada">Grenada</option>
<option value="Guadeloupe">Guadeloupe</option>
<option value="Guam">Guam</option>
<option value="Guatemala">Guatemala</option>
<option value="Guernsey">Guernsey</option>
<option value="Guinea">Guinea</option>
<option value="Guinea-Bissau">Guinea-Bissau</option>
<option value="Guyana">Guyana</option>
<option value="Haiti">Haiti</option>
<option value="Heard Island">Heard Island</option>
<option value="Honduras">Honduras</option>
<option value="Hong Kong">Hong Kong</option>
<option value="Hungary">Hungary</option>
<option value="Iceland">Iceland</option>
<option value="India">India</option>
<option value="Indonesia">Indonesia</option>
<option value="Iran">Iran</option>
<option value="Iraq">Iraq</option>
<option value="Ireland">Ireland</option>
<option value="Isle of Man">Isle of Man</option>
<option value="Israel">Israel</option>
<option value="Italy">Italy</option>
<option value="Ivory Coast">Ivory Coast</option>
<option value="Jamaica">Jamaica</option>
<option value="Japan">Japan</option>
<option value="Jersey">Jersey</option>
<option value="Jordan">Jordan</option>
<option value="Kazakhstan">Kazakhstan</option>
<option value="Kenya">Kenya</option>
<option value="Kiribati">Kiribati</option>
<option value="Kosovo">Kosovo</option>
<option value="Kuwait">Kuwait</option>
<option value="Kyrgyzstan">Kyrgyzstan</option>
<option value="Laos">Laos</option>
<option value="Latvia">Latvia</option>
<option value="Lebanon">Lebanon</option>
<option value="Lesotho">Lesotho</option>
<option value="Liberia">Liberia</option>
<option value="Libya">Libya</option>
<option value="Liechtenstein">Liechtenstein</option>
<option value="Lithuania">Lithuania</option>
<option value="Luxembourg">Luxembourg</option>
<option value="Macau">Macau</option>
<option value="Macedonia">Macedonia</option>
<option value="Madagascar">MadagascarMexico</option>
<option value="Malawi">Malawi</option>
<option value="Malaysia">Malaysia</option>
<option value="Maldives">Maldives</option>
<option value="Mali">Mali</option>
<option value="Malta">Malta</option>
<option value="Marshall Islands">Marshall Islands</option>
<option value="Martinique">Martinique</option>
<option value="Mauritania">Mauritania</option>
<option value="Mauritius">Mauritius</option>
<option value="Mayotte">Mayotte</option>
<option value="Mexico">Mexico</option>
<option value="Micronesia">Micronesia</option>
<option value="Moldova">Moldova</option>
<option value="Monaco">Monaco</option>
<option value="Mongolia">Mongolia</option>
<option value="Montenegro">Montenegro</option>
<option value="Montserrat">Montserrat</option>
<option value="Morocco">Morocco</option>
<option value="Mozambique">Mozambique</option>
<option value="Myanmar">Myanmar</option>
<option value="Namibia">Namibia</option>
<option value="Nauru">Nauru</option>
<option value="Nepal">Nepal</option>
<option value="Netherlands">Netherlands</option>
<option value="New Caledonia">New Caledonia</option>
<option value="New Zealand">New Zealand</option>
<option value="Nicaragua">Nicaragua</option>
<option value="Niger">Niger</option>
<option value="Nigeria">Nigeria</option>
<option value="Niue">Niue</option>
<option value="Norfolk Island">Norfolk Island</option>
<option value="North Korea">North Korea</option>
<option value="Northern Mariana Islands">Northern Marianas</option>
<option value="Norway">Norway</option>
<option value="Oman">Oman</option>
<option value="Pakistan">Pakistan</option>
<option value="Palau">Palau</option>
<option value="Palestine">Palestine Terr.</option>
<option value="Panama">Panama</option>
<option value="Papua New Guinea">Papua New Guinea</option>
<option value="Paraguay">Paraguay</option>
<option value="Peru">Peru</option>
<option value="Philippines">Philippines</option>
<option value="Pitcairn Islands">Pitcairn</option>
<option value="Poland">Poland</option>
<option value="Portugal">Portugal</option>
<option value="Puerto Rico">Puerto Rico</option>
<option value="Qatar">Qatar</option>
<option value="Romania">Romania</option>
<option value="Russia">Russia</option>
<option value="Rwanda">Rwanda</option>
<option value="Réunion">Réunion</option>
<option value="Saint Barthélemy">Saint Barthélemy</option>
<option value="Saint Helena">Saint Helena</option>
<option value="Saint Lucia">Saint Lucia</option>
<option value="Saint Martin">Saint Martin (French)</option>
<option value="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="Saint Vincent">Saint Vincent</option>
<option value="Samoa">Samoa</option>
<option value="San Marino">San Marino</option>
<option value="Sao Tome & Principe">Sao Tome & Principe</option>
<option value="Saudi Arabia">Saudi Arabia</option>
<option value="Senegal">Senegal</option>
<option value="Serbia">Serbia</option>
<option value="Seychelles">Seychelles</option>
<option value="Sierra Leone">Sierra Leone</option>
<option value="Singapore">Singapore</option>
<option value="Sint Maarten">Sint Maarten</option>
<option value="Slovakia">Slovakia</option>
<option value="Slovenia">Slovenia</option>
<option value="Solomon Islands">Solomon Islands</option>
<option value="Somalia">Somalia</option>
<option value="South Africa">South Africa</option>
<option value="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="South Korea">South Korea</option>
<option value="South Sudan">South Sudan</option>
<option value="Spain">Spain</option>
<option value="Sri Lanka">Sri Lanka</option>
<option value="Sudan">Sudan</option>
<option value="Suriname">Suriname</option>
<option value="Svalbard">Svalbard</option>
<option value="Swaziland">Swaziland</option>
<option value="Sweden">Sweden</option>
<option value="Switzerland">Switzerland</option>
<option value="Syria">Syria</option>
<option value="Taiwan">Taiwan</option>
<option value="Tajikistan">Tajikistan</option>
<option value="Tanzania">Tanzania</option>
<option value="Thailand">Thailand</option>
<option value="Timor-Leste">Timor-Leste</option>
<option value="Togo">Togo</option>
<option value="Tokelau">Tokelau</option>
<option value="Tonga">Tonga</option>
<option value="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="Tunisia">Tunisia</option>
<option value="Turkey">Turkey</option>
<option value="Turkmenistan">Turkmenistan</option>
<option value="Turks and Caicos Islands">Turks and Caicos</option>
<option value="Tuvalu">Tuvalu</option>
<option value="U.S. Virgin Islands">U.S. Virgin Islands</option>
<option value="Uganda">Uganda</option>
<option value="Ukraine">Ukraine</option>
<option value="U.A.E.">United Arab Emirates</option>
<option value="United Kingdom">United Kingdom</option>
<option value="United States">United States</option>
<option value="Uruguay">Uruguay</option>
<option value="Uzbekistan">Uzbekistan</option>
<option value="Vanuatu">Vanuatu</option>
<option value="Vatican City">Vatican City</option>
<option value="Venezuela">Venezuela</option>
<option value="Vietnam">Vietnam</option>
<option value="Wallis and Futuna">Wallis and Futuna</option>
<option value="Western Sahara">Western Sahara</option>
<option value="Yemen">Yemen</option>
<option value="Zambia">Zambia</option>
<option value="Zimbabwe">Zimbabwe</option>
<option value="Åland Islands">Åland Islands</option>
</select></div>
</div>
</div>
</fieldset>
<fieldset class="form-columns-0">
<div class="hs-richtext hs-main-font-element">
<p>By downloading you agree to the terms in our <a href="https://www.lepide.com/privacy-policy.html" style="color: #333; text-decoration: underline;">privacy policy</a>.</p>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs_count_name hs-count_name hs-fieldtype-text field hs-form-field" style="display: none;"><label id="label-count_name-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Count Name"
for="count_name-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Count Name</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input name="count_name" class="hs-input" type="hidden" value="2"></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs_topic hs-topic hs-fieldtype-text field hs-form-field" style="display: none;"><label id="label-topic-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your topic"
for="topic-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>topic</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input name="topic" class="hs-input" type="hidden" value="Ransomware ebook download"></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs_sitename__c hs-sitename__c hs-fieldtype-textarea field hs-form-field"><label id="label-sitename__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your Sitename"
for="sitename__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>Sitename</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><textarea id="sitename__c-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="hs-input hs-fieldtype-textarea" name="sitename__c" placeholder=""></textarea></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs_ebook_name hs-ebook_name hs-fieldtype-text field hs-form-field" style="display: none;"><label id="label-ebook_name-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class="" placeholder="Enter your ebook name"
for="ebook_name-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>ebook name</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input name="ebook_name" class="hs-input" type="hidden" value="The complete guide to ransomware"></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs_check_for_re_assignment hs-check_for_re_assignment hs-fieldtype-select field hs-form-field" style="display: none;"><label id="label-check_for_re_assignment-65500bfe-2d87-4682-9f65-e148c7a2bcc6" class=""
placeholder="Enter your check for re-assignment" for="check_for_re_assignment-65500bfe-2d87-4682-9f65-e148c7a2bcc6"><span>check for re-assignment</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input name="check_for_re_assignment" class="hs-input" type="hidden" value="Yes"></div>
</div>
</fieldset>
<div class="hs_submit hs-submit">
<div class="hs-field-desc" style="display: none;"></div>
<div class="actions"><input type="submit" class="hs-button primary large" value="Download eBook"></div>
</div><input name="hs_context" type="hidden"
value="{"embedAtTimestamp":"1686155051123","formDefinitionUpdatedAt":"1684491981116","lang":"en","embedType":"SHARABLE","clonedFromForm":"aa7ae829-b991-47c2-a16c-76a41de781a0","notifyHubSpotOwner":"true","renderRawHtml":"true","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36","pageTitle":"Phobos Ransomware: All You Need to Know","pageUrl":"https://www.lepide.com/blog/what-is-phobos-ransomware/","isHubSpotCmsGeneratedPage":false,"hutk":"08711968fea17844c0d838790d37279a","__hsfp":78086756,"__hssc":"64168112.1.1686155054950","__hstc":"64168112.08711968fea17844c0d838790d37279a.1686155054949.1686155054949.1686155054949.1","formTarget":"#hbspt-form-94631677-c081-4ea7-8f3f-3dec9de8fcae","locale":"en","timestamp":1686155054987,"originalEmbedContext":{"portalId":"21121310","formId":"65500bfe-2d87-4682-9f65-e148c7a2bcc6","region":"na1","target":"#hbspt-form-94631677-c081-4ea7-8f3f-3dec9de8fcae","isBuilder":false,"isTestPage":false,"isPreview":false,"cssClass":"blogwhitepaperlead","isMobileResponsive":true},"correlationId":"94631677-c081-4ea7-8f3f-3dec9de8fcae","renderedFieldsIds":["firstname","lastname","email","phone","company","company_size__c","countrys","count_name","topic","sitename__c","ebook_name","check_for_re_assignment"],"captchaStatus":"NOT_APPLICABLE","emailResubscribeStatus":"NOT_APPLICABLE","isInsideCrossOriginFrame":false,"source":"forms-embed-1.3300","sourceName":"forms-embed","sourceVersion":"1.3300","sourceVersionMajor":"1","sourceVersionMinor":"3300","_debug_allPageIds":{},"_debug_embedLogLines":[{"clientTimestamp":1686155051198,"level":"INFO","message":"Retrieved customer callbacks used on embed context: [\"onFormSubmit\"]"},{"clientTimestamp":1686155051199,"level":"INFO","message":"Retrieved pageContext values which may be overriden by the embed context: {\"pageTitle\":\"Phobos Ransomware: All You Need to Know\",\"pageUrl\":\"https://www.lepide.com/blog/what-is-phobos-ransomware/\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36\",\"isHubSpotCmsGeneratedPage\":false}"},{"clientTimestamp":1686155051202,"level":"INFO","message":"Retrieved countryCode property from normalized embed definition response: \"DE\""},{"clientTimestamp":1686155054978,"level":"INFO","message":"Retrieved analytics values from API response which may be overriden by the embed context: {\"hutk\":\"08711968fea17844c0d838790d37279a\"}"}]}"><iframe
name="target_iframe_65500bfe-2d87-4682-9f65-e148c7a2bcc6" style="display: none;"></iframe>
</form>POST https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21121310/5c6f4cc1-56ba-4533-8b79-30d1a8a0d855
<form id="hsForm_5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" method="POST" accept-charset="UTF-8" enctype="multipart/form-data" novalidate=""
action="https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21121310/5c6f4cc1-56ba-4533-8b79-30d1a8a0d855"
class="hs-form-private hsForm_5c6f4cc1-56ba-4533-8b79-30d1a8a0d855 hs-form-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855 hs-form-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855_1e164c07-3be4-4992-9b08-c73bb2e5bc27 hs-form stacked"
target="target_iframe_5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" data-instance-id="1e164c07-3be4-4992-9b08-c73bb2e5bc27" data-form-id="5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" data-portal-id="21121310">
<div class="hs_email hs-email hs-fieldtype-text field hs-form-field"><label id="label-email-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" class="" placeholder="Enter your Email" for="email-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855"><span>Email</span><span
class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="email-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" name="email" required="" placeholder="Your Business Email *" type="email" class="hs-input" inputmode="email" autocomplete="email" value=""></div>
</div>
<div class="hs_topic hs-topic hs-fieldtype-text field hs-form-field" style="display: none;"><label id="label-topic-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" class="" placeholder="Enter your topic"
for="topic-5c6f4cc1-56ba-4533-8b79-30d1a8a0d855"><span>topic</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input name="topic" class="hs-input" type="hidden" value="Newsletter Signup"></div>
</div>
<div class="hs_submit hs-submit">
<div class="hs-field-desc" style="display: none;"></div>
<div class="actions"><input type="submit" class="hs-button primary large" value="Sign up"></div>
</div><input name="hs_context" type="hidden"
value="{"embedAtTimestamp":"1686155053277","formDefinitionUpdatedAt":"1651666979897","lang":"en","embedType":"SHARABLE","disableCookieSubmission":"true","notifyHubSpotOwner":"true","renderRawHtml":"true","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36","pageTitle":"Phobos Ransomware: All You Need to Know","pageUrl":"https://www.lepide.com/blog/what-is-phobos-ransomware/","isHubSpotCmsGeneratedPage":false,"hutk":"08711968fea17844c0d838790d37279a","__hsfp":78086756,"__hssc":"64168112.1.1686155054950","__hstc":"64168112.08711968fea17844c0d838790d37279a.1686155054949.1686155054949.1686155054949.1","formTarget":"#hbspt-form-1e164c07-3be4-4992-9b08-c73bb2e5bc27","locale":"en","timestamp":1686155054995,"originalEmbedContext":{"portalId":"21121310","formId":"5c6f4cc1-56ba-4533-8b79-30d1a8a0d855","region":"na1","target":"#hbspt-form-1e164c07-3be4-4992-9b08-c73bb2e5bc27","isBuilder":false,"isTestPage":false,"isPreview":false,"isMobileResponsive":true},"correlationId":"1e164c07-3be4-4992-9b08-c73bb2e5bc27","renderedFieldsIds":["email","topic"],"captchaStatus":"NOT_APPLICABLE","emailResubscribeStatus":"NOT_APPLICABLE","isInsideCrossOriginFrame":false,"source":"forms-embed-1.3300","sourceName":"forms-embed","sourceVersion":"1.3300","sourceVersionMajor":"1","sourceVersionMinor":"3300","_debug_allPageIds":{},"_debug_embedLogLines":[{"clientTimestamp":1686155053351,"level":"INFO","message":"Retrieved pageContext values which may be overriden by the embed context: {\"pageTitle\":\"Phobos Ransomware: All You Need to Know\",\"pageUrl\":\"https://www.lepide.com/blog/what-is-phobos-ransomware/\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36\",\"isHubSpotCmsGeneratedPage\":false}"},{"clientTimestamp":1686155053353,"level":"INFO","message":"Retrieved countryCode property from normalized embed definition response: \"DE\""},{"clientTimestamp":1686155054989,"level":"INFO","message":"Retrieved analytics values from API response which may be overriden by the embed context: {\"hutk\":\"08711968fea17844c0d838790d37279a\"}"}]}"><iframe
name="target_iframe_5c6f4cc1-56ba-4533-8b79-30d1a8a0d855" style="display: none;"></iframe>
</form>Text Content
Check out our NEW in-browser demo of Lepide Data Security Platform Launch demo ✕
Toggle navigation
✕
*
* Download Free Trial
* Platform
* Overview
*
* Lepide Auditor
* Auditing and Reporting
Monitor, audit and report on changes and interactions with platforms,
files and folders across your on-premises and cloud environment.
Learn more On-Premise & Cloud Platforms We Audit
* * Windows Active Directory
* Windows File Server
* Exchange Server
* SQL Server
* SharePoint
* Microsoft Office 365
* Amazon S3
* Dropbox
* G Suite
* More...
* Lepide Detect
* Detect and Respond to Threats
Intelligent threat detection through real time alerts, anomaly spotting
and automated threat response.
Learn more Features
* * Threat Detection Anomaly spotting and real time alerts.
* Threat Response Automated actions based on alerts.
* Lepide Trust
* Implement Zero Trust
Instant visibility on permission changes, spot users with excessive
permissions and reverse unwanted changes.
Learn more Features
* * Risk Analysis Identify areas of risk and govern access to sensitive
data.
* Permissions Analysis Analyze changes, and review current and historic
permissions.
* Lepide Identify
* Locate and Classify Sensitive Data and PII
Data classification adds context to your security efforts. E-Discovery
helps to speed up privacy and data subject access requests.
Learn more Features
* * Data Classification Discover and Classify data on-premise and in the
cloud.
* eDiscovery Speed up privacy and data subject access requests with
eDiscovery.
*
* In-Browser Demo
* How It Works
* SIEM Integration
* Platforms We Support
* Free Risk Assessment
* Solutions
* Identity Access Management
* * Active Directory Security
* Active Directory Self Service
* Manage Inactive AD Accounts
* AD Password Expiry Notifications
* Privileged Access Management
* Track Account Lockouts
* Data Security
*
* * Data Classification
* Data Access Governance
* Compromised Users
* Data Breaches
* Data Loss Prevention
* Insider Threats
* Microsoft 365 Security
* Remote Worker Security
* Ransomware Protection
* Zero Trust
* Compliance
*
* * CMMC
* CJIS
* SOX
* ISO
* CCPA
* GDPR
* GLBA
* FISMA
* HIPAA
* PCI DSS
* DSARs
* More...
* Industry
* * Finance/Banking
* Education
* Healthcare
* Public Sector
* Technology
* IT Management
* * Manage Event Logs
* Restore Deleted Objects
* Rollback Unwanted Changes
* Session Recording
* Server Health Check
* Company
* About Us
* News
* Customers
* Customer Portal
* Case Studies
* Careers
* Contact Us
* Partners
* Find a Partner
* Become a Partner
* Register a Deal
* Alliance Partners
* Partner Portal
* Resources
* Product Documentation
* Product Video Guides
* Webinars
* Whitepapers
* eBooks
* Datasheets
* Blog
* How-tos
* CISO Talks
* Freeware
* Blog
* Ransomware
* Phobos Ransomware: All You Need to Know
facebook Twitter Linkedin
In This Article
What is Phobos Ransomware? How Does Phobos Ransomware Spread? How Does Phobos
Ransomware Work? Notable Phobos Ransomware Attacks and Damages How to Prevent
from Phobos Ransomware Attack Impacts of the Phobos Ransomware Attack What are
the Benefits of Cybersecurity Measures? How Lepide Helps Protect Against Phobos
Ransomware Attacks
PHOBOS RANSOMWARE: ALL YOU NEED TO KNOW
Danny Murphy | 9 min read| Published On - April 13, 2023
Ransomware has grown in popularity among cybercriminals seeking personal
benefit. While some ransomware is distinct and inventive, others are strikingly
identical. The last group includes Phobos ransomware. Despite not being the most
noticeable ransomware strain, Phobos may wreak substantial harm to your system
and leave a trail of ruin in its wake.
In this blog, I will present an in-depth investigation of Phobos ransomware,
including its features, how it spreads, and ways to safeguard yourself or your
organization.
Get the free COMPLETE GUIDE TO RANSOMWARE
First Name*
Last Name*
Business Email*
Phone*
Company Name*
Company size*
Company size *1-250251-500501-1,0001,001-2,5002,501-10,00010,000+
Country*
Country *AfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntigua and
BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosniaBotswanaBouvet
IslandBrazilBritish Indian Ocean TerritoryBritish Virgin
IslandsBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman
IslandsCentral African RepublicChadChileChinaChristmas IslandCocos
IslandsColombiaComorosCongoCook IslandsCosta RicaCote
d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDemocratic Republic of the
CongoDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl
SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland Islands (Malvinas)Faroe
IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern
TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard
IslandHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsle of
ManIsraelItalyIvory
CoastJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacauMacedoniaMadagascarMexicoMalawiMalaysiaMaldivesMaliMaltaMarshall
IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew
CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorth KoreaNorthern
MarianasNorwayOmanPakistanPalauPalestine Terr.PanamaPapua New
GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto
RicoQatarRomaniaRussiaRwandaRéunionSaint BarthélemySaint HelenaSaint LuciaSaint
Martin (French)Saint Pierre and MiquelonSaint VincentSamoaSan MarinoSao Tome &
PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint
MaartenSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth Georgia and the
South Sandwich IslandsSouth KoreaSouth SudanSpainSri
LankaSudanSurinameSvalbardSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-LesteTogoTokelauTongaTrinidad
and TobagoTunisiaTurkeyTurkmenistanTurks and CaicosTuvaluU.S. Virgin
IslandsUgandaUkraineUnited Arab EmiratesUnited KingdomUnited
StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamWallis and
FutunaWestern SaharaYemenZambiaZimbabweÅland Islands
By downloading you agree to the terms in our privacy policy.
Count Name
topic
Sitename
ebook name
check for re-assignment
WHAT IS PHOBOS RANSOMWARE?
Phobos ransomware was first discovered in December of 2018 and is a cyber threat
that primarily targets organizations. However, unlike other cybercriminal groups
that go after more prominent targets for bigger payouts, the perpetrators behind
Phobos tend to focus on smaller businesses that may not have the resources to
pay large ransoms. As a result, the average ransom demand for a Phobos attack is
around $18,755.
Phobos ransomware has close similarities in structure and approach to two other
notorious viruses, Crysis and Dharma. Crysis was first detected in 2016 and
gained popularity after its source code was released online. With the creation
of decryption keys for Crysis, cybercriminals adapted the code to create Dharma.
When decryption tools were developed to target Dharma, the ransomware evolved
again, leading to the emergence of Phobos in 2018.
HOW DOES PHOBOS RANSOMWARE SPREAD?
Phobos ransomware, like other malware, affects systems and possibly spreads
throughout the whole network in the following ways:
* By phishing to obtain account information and passwords or to fool the victim
into opening a harmful attachment.
* Using the Remote Desktop Protocol (RDP) to obtain immediate access. Port 3389
is the port targeted by Phobos ransomware.
* By patching exploits, other software flaws, and
* brute-forced remote desktop protocol credentials.
HOW DOES PHOBOS RANSOMWARE WORK?
When Phobos ransomware infiltrates your system, it does not usually attempt to
circumvent Windows User Account Control (UAC). The threat actor will copy and
run the executable file with administrative rights.
The ransomware will then install itself in critical areas, such as the Windows
Startup folder, and establish registry entries to resume even when the machine
is restarted.
Phobos will then begin a constant scan, focusing on local user files and network
shares while looking for new files that fit the encryption requirements. This
includes user-generated assets such as documents, frequently used directories,
and media.
It encrypts all standard-sized files. Its technique, however, differs for huge
files, partly encoding just specified regions. It manages to save time while
also maximizing damage in this manner.
Phobos employs AES-256 in addition to RSA-1024. The data is AES-encrypted,
whereas the private key needed for decryption is RSA-encrypted. AES and RSA are
both commonly used for secure data transfer for lawful and criminal purposes
In addition to encrypting your data, Phobos stops current operating system
processes to clear its route into your files. It also removes local backups and
shadow copies. Lastly, it disables recovery mode and your firewall to prevent
you from resetting the device and eradicating the infection.
When the first encryption procedure is complete, the ransomware program
generates two files with the same ransom note. There is a text file as well as
an HTA file. The HTA file is opened and presented on the screen when the
encryption process is finished.
The ransom demand includes the victim’s name and demand ID, as well as an email
address to which the victim should write payment instructions. The ransom amount
is not displayed in demand and can be changed at any time by the attacker. The
attackers will also bargain. But, if the ransom is not paid, it will rise over
time.
NOTABLE PHOBOS RANSOMWARE ATTACKS AND DAMAGES
Phobos ransomware has been responsible for several high-profile attacks since
its emergence in 2018. Here are some of the notable incidents:
* In December 2019, the University of Maastricht in the Netherlands was hit by
a Phobos ransomware attack that affected its computer systems, email, and
file servers. The university ended up paying a ransom of 30 bitcoin
(approximately $220,000) to regain access to its files.
* In March 2019, the National Association of the Deaf (NAD) suffered a Phobos
ransomware attack that encrypted the organization’s files and disrupted its
operations.
* In March 2020, the insurance company Chubb was hit by a Phobos ransomware
attack that reportedly affected its computer systems worldwide. The attackers
demanded a ransom of $15 million, which Chubb did not pay.
* In May 2020, the International Labour Organization (ILO), a United Nations
agency, suffered a Phobos ransomware attack that affected its computer
systems and forced it to temporarily shut down its website and email
services.
HOW TO PREVENT FROM PHOBOS RANSOMWARE ATTACK
Damages are involved whenever an organization or an individual is hit by a
ransomware attack. Phobos ransomware can cause significant damage to an
organization’s operations, reputation, and financial stability, as we have seen
from the attacks mentioned above.
Therefore, it is essential to implement adequate preventive and protective
measures. The following are some measures you can take to protect your
organization from a Phobos attack;
* Educate your staff on Ransomware – Your staff is your first line of defense
against an impending attack as a small company owner targeted by Phobos
ransomware. This is why I propose prioritizing teaching them as part of a
bigger preventative strategy. As a result, training employees to spot
suspicious links, malware attachments, counterfeit branding, and other spam
components is a great security resource for your company.
* Create Offline and Online Data Backups – In a Phobos ransomware attack,
retaining backups of your company’s data allows you to restore files without
paying hackers for a decryptor.
* Patch Software Vulnerabilities Regularly – As previously stated, Phobos
spreads via patch exploits and other software vulnerabilities, among other
methods. You should install software updates as soon as their various
developers release them.
IMPACTS OF THE PHOBOS RANSOMWARE ATTACK
Phobos ransomware attacks can result in significant financial losses for
organizations. For example, in December 2019, the University of Maastricht paid
a ransom of 30 bitcoin to regain access to its files.
Further, the attacks can disrupt an organization’s operations, causing downtime
and lost productivity. For instance, in January 2019, the City of Del Rio in
Texas was forced to shut down certain services following a Phobos ransomware
attack on its email system.
Phobos ransomware attacks can damage an organization’s reputation, especially if
sensitive or confidential data is stolen or leaked. For example, in March 2019,
the National Association of the Deaf suffered a Phobos ransomware attack that
disrupted its operations and compromised some of its data.
Lastly, Phobos ransomware attacks can also result in legal and regulatory
compliance issues for organizations, especially if personal or sensitive data is
stolen or compromised. This can result in fines, legal action, and reputational
damage.
WHAT ARE THE BENEFITS OF CYBERSECURITY MEASURES?
Cybersecurity is critical in today’s digital age because it helps protect
organizations and individuals from a wide range of cyber threats, including
ransomware attacks like Phobos. Here are some reasons why cybersecurity is
essential:
* Cybersecurity helps protect sensitive information such as personal data,
financial information, and trade secrets from cybercriminals who seek to
exploit them for malicious purposes. This is crucial to maintaining trust and
credibility with customers and stakeholders.
* Cybersecurity measures help prevent financial losses from cyber attacks such
as ransomware, which can cause significant financial loss to organizations
and individuals.
* Cybersecurity helps maintain business operations by preventing disruptions
caused by cyber-attacks. Disruptions can result in lost productivity,
downtime, and other negative consequences.
* Cybersecurity helps organizations comply with legal and regulatory
requirements for protecting sensitive data. Failure to comply can result in
fines, legal action, and reputational damage.
* Cybersecurity measures help protect against reputational damage resulting
from cyber attacks. A cyber attack can damage an organization’s reputation,
losing trust and credibility with customers and stakeholders.
HOW LEPIDE HELPS PROTECT AGAINST PHOBOS RANSOMWARE ATTACKS
Lepide helps protect against ransomware attacks in several ways. Primarily, the
Lepide Data Security Platform can help detect ransomware attacks in progress in
a variety of ways, including:
* User Behavior Analytics – Detecting abnormal behavior from users or entities
on the network. This can include activities such as accessing files at
unusual times, accessing files they don’t normally access, or attempting to
access files from unusual locations. These activities can be an indication of
a ransomware attack.
* Automated Threat Models – Lepide can automatically detect unusual activity
that might indicate ransomware, such as bulk file renames, and execute custom
scripts in real-time to address the threat. These threat models come out of
the box and can be turned on with a single click.
Lepide is also useful when it comes to mitigating the risk of ransomware attacks
by narrowing your attack surface. Use Lepide Data Security Platform to identify
users with passwords that never expire, inactive users, stale sensitive data,
open shares, and more. Rectifying these states can help to improve your overall
threat surface area and reduce the risk of a ransomware attack.
CONCLUSION
In conclusion, Phobos ransomware is a strain of malware that targets small
businesses, encrypts all standard-sized files, and demands a ransom from victims
to recover their files. Phobos ransomware spreads through phishing, exploiting
software flaws, and brute-forcing remote desktop protocol credentials. It
installs itself in critical system areas, encrypts files, disables recovery mode
and firewall, and clears local backups and shadow copies.
Several high-profile attacks have been attributed to Phobos ransomware, such as
the University of Maastricht, Chubb, and the International Labour Organization.
It is thus essential to educate staff on ransomware and implement measures to
prevent and protect systems from Phobos ransomware.
By staying up to date about ransomware attacks, individuals and organizations
can be better prepared to prevent and mitigate the impact of such attacks. This
includes being aware of the latest techniques and tools cybercriminals use to
spread ransomware, understanding the vulnerabilities in your systems and
networks, and implementing effective preventive measures to reduce the risk of
an attack.
Moreover, staying informed about ransomware attacks can help individuals and
organizations recognize the signs of an attack and take prompt action to limit
the damage. This includes identifying the type of ransomware, isolating affected
systems and networks, and reporting the attack to the relevant authorities.
If you’d like to see how the Lepide Data Security Platform can help you protect
against ransomware attacks, schedule a demo with one of our engineers or start
your free trial today.
Danny Murphy
Danny brings over 10 years’ experience in the IT industry to our Leadership
team. With award winning success in leading global Pre-Sales and Support teams,
coupled with his knowledge and enthusiasm for IT Security solutions, he is here
to ensure we deliver market leading products and support to our extensively
growing customer base
Popular Blog Posts
* Top 10 Most Important Group Policy Settings for Preventing Security Breaches
Data Security
* 15 Common Types of Cyber Attacks and How to Mitigate Them Data Security
* Common Causes of Frequent Active Directory Account Lockouts IT Operations
Platform
* Overview
* Lepide Auditor
* Lepide Detect
* Lepide Trust
* Lepide Identify
Solutions
* Ransomware Protection
* Remote Workers
* Insider Threats
* Compromised Users
* Data Access Governance
* Data Classification
Support
* Contact Support
* Support Options
* Documentation
* Video Guides
Partner
* Find a Partner
* Become a New Partner
* New Deal Registration
* Alliance Partnerships
* Partner Portal
Company
* About Us
* Meet the Team
* News
* Events
* Customers
* Awards & Reviews
* Careers
* Contact Us
* Freeware
* Linkedin
* Twitter
* facebook
* YouTube
Sign up for our monthly newsletter
Email*
topic
* Home
* Privacy Policy
* Sitemap
* XML