<div>
Not likely. &nbsp;Backups are your only solution here. The majority of ransomware cannot be decrypted.
</div>


Not likely.  Backups are your only solution here. The majority of ransomware cannot be decrypted.

<div>
Have you ever seen one that encrypts that large of image files?
</div>


Have you ever seen one that encrypts that large of image files?

<div>
Most ransomware will encrypt any number of large / small files
</div>


Most ransomware will encrypt any number of large / small files

<div>
Decryption depends on the writer actually being caught by the authorities, with his/her work pc/laptop intact and accessible.<br />
That chance, is pretty low.<br />
If there are decryption tools available, it's usually listed here: <a href="https://www.nomoreransom.org/en/decryption-tools.html" rel="ugc">https://www.nomoreransom.org/en/decryption-tools.html</a><br />
In your case, as with 99.999% of the cases, it's not listed.
</div>


Decryption depends on the writer actually being caught by the authorities, with his/her work pc/laptop intact and accessible.
That chance, is pretty low.
If there are decryption tools available, it's usually listed here: https://www.nomoreransom.org/en/decryption-tools.html [https://www.nomoreransom.org/en/decryption-tools.html]
In your case, as with 99.999% of the cases, it's not listed.

IT Manager

Jason Johanknecht

<div>
Good to know on the submitting samples. &nbsp;I have worked with Emsisoft in the past, and had forgotten all about them. &nbsp;Depending on the clients decision, but that will be recommendation. &nbsp;It is only a days worth of data, and easily recreated they said.
</div>


Good to know on the submitting samples.  I have worked with Emsisoft in the past, and had forgotten all about them.  Depending on the clients decision, but that will be recommendation.  It is only a days worth of data, and easily recreated they said.

<div>
<div class="content wysiwyg-content">
Anyone have experience with Phobos ransomware? &nbsp;According to the time stamps Phobos took control of a client PC last night around 8:15PM and finished encrypting the entire system and backups by 8:46PM. &nbsp;The backups are 58GB each x7 copies (The drives alternate daily) &nbsp;Restored from the other drive without issue, but wondering if I could decrypt the files that are lost from yesterday? &nbsp;I have tried the Dharma decryption tool so far.
</div>
</div>


Anyone have experience with Phobos ransomware?  According to the time stamps Phobos took control of a client PC last night around 8:15PM and finished encrypting the entire system and backups by 8:46PM.  The backups are 58GB each x7 copies (The drives alternate daily)  Restored from the other drive without issue, but wondering if I could decrypt the files that are lost from yesterday?  I have tried the Dharma decryption tool so far.

Help with Phobos Ransomware

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.

Ransomware

The term "Backup" means the methods and processes involved to copy computer data (system data as well as application data) to media other than the ones where the data originally live (disk, tape, optical, cloud). "Restore" in turn means the methods and processes involved in data recovery, i. e., bringing back copied computer data to their original location. Backup/Restore primarily serves as a means of protection against data loss, be it due to disaster, corruption or sabotage. It can also be used for recovering data from an earlier point in time and even for cloning machines or applications. There is a wide variety of backup/restore software available, from expensive commercial products to free or open source tools.

Storage Software

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.