How To Remove Phobos Ransomware From PC

How to remove Phobos Ransomware

Ransomware is always the biggest threats for any PC and security experts recently detected yet another ransomware named as Phobos Ransomware which was first observed on October 21, 2017.

On deep research we found that, Phobos Ransomware is primarily targeting Western Europe and the United States computer user and delivers its ransom messages in the English language to the victims. When talking about its intrusion methods, then spam email attachments, that seems to be genuine and appear as Microsoft Word documents that have enabled macros. As soon as you respond to this document, it install the Phobos Ransomware onto the victim’s computer and then after like other kind of ransomware it begins its encryption process.

Files Encrypted by the Phobos Ransomware

This Ransomware works by encrypting the victim’s files via a strong encryption algorithm. The encryption makes the files inaccessible and take the victim’s data hostage until the victim pays a ransom. Below are the file extensions that are primarily targeted by Phobos Ransomware:-

.aif, .apk, .arj, .asp, .bat, .bin, .cab, .cda, .jpeg, .jpg, .jsp, .log, .mid, .mp3, .mp4, .psd, .rar, .rpm, .rss, .rtf, .sql, .svg, .tar.gz, .wpd, .wpl, .wps, .wsf, .xlr, .xls, .xlsx, .zip., .ogg,.part, .pdf, .php, .pkg, .png, .ppt, .pptx & more

As you have seen above, Ransomware mainly targeting documents, media, images, and some other commonly used files, and encrypts them following the AES 256 encryption. Now after, this very deadly ransomware communicate with its Command and Control server in order to relay data about infected computers, as well as to receive configuration data. Files encrypted by its attack can be easily identified as it change their names to the following string:

..ID[eight random characters].[ottozimmerman@protonmail.ch].PHOBOS

Phobos Ransomware’s Ransom Demands

After your files gets infected, this very ransomware delivers a ransom note in the form of a program window having title ‘Your files are encrypted!’. Below are the complete message:-

Phobos Ransomware

Dealing with the Phobos Ransomware

Unfortunately, once the Ransomware encrypts the files, it becomes very hard or almost impossible to restore the affected files without the decryption key. Well, you don’t need to worry as using the recommended Malware Removal Tool you can easily remove the Phobos Ransomware without paying a single penny to the cyber criminals.

Leave a Reply

Your email address will not be published. Required fields are marked *