Phobos Ransomware Expands with New FAUST Variant

FortiGuard Labs exposed a fresh attack vector involving the FAUST ransomware, a Phobos variant. The attackers employed a Visual Basic script in an Office document to propagate FAUST. They utilized the Gitea service to store encoded files. The ransomware employs advanced evasion tactics, adds persistence, and carries an exclusion list. 


>>More