More than $16 million have been amassed by the Phobos ransomware-as-a-service group from its nearly a thousand victims, including U.S. health providers, federal contractors, and public school systems, during the past five years, according to The Record, a news site by cybersecurity firm Recorded Future. Included in the Phobos-hit organizations that paid a ransom were a California public school system, a North Carolina children's hospital, a Maryland-based accounting and consulting service provider, and health organizations in Pennsylvania and Maryland, revealed an unsealed indictment against suspected Phobos administrator Evgenii Ptitsyn. While Phobos activity has significantly declined earlier this month amid the arrest of Ptitsyn, the RaaS operation was noted by Recorded Future ransomware expert Allan Liska to have outlasted ALPHV/BlackCat, LockBit, and other ransomware gangs due to its lower profile. Ptitsyn's arrest has also resulted in reduced activity for the 8Base ransomware gang, which has been spun off from Phobos.
Ransomware, Threat Intelligence
Phobos ransomware operation uncovered by indictment against suspected admin

(Adobe Stock)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds