Wednesday, 10 July 2024

Explaining the Phobos malware in a statement released on Monday, July 8, 2024, ngCERT noted that the ransomware-as-a-service enters vulnerable networks through phishing emails or IP scanning tools for identifying susceptible Remote Desktop Protocol (RDP) ports by delivering stealth payloads.

Once in an organisation’s system, the ransomware encrypts the information and delivers ransom notes via emails, voice calls, or instant messaging platforms, giving the attacker free rein to commence extorting the victims.

A successful Phobos attack could lead to system compromise, data loss, DoS, ransom payments, financial losses, and fraudulent activity, the agency said.

As a proactive measure, the agency has advised relevant organisations to implement mitigation strategies outlined in this document to help forestall the spread of malware.

 

 By Osamu Ekhator.

Full story at Techpoint Africa.

No comments:

Post a Comment