The 8Base ransomware attackers have incorporated a new variant of the Phobos ransomware and publicly available tools for financially motivated attacks. The variant used by the 8Base group includes features that can enable attackers to establish persistence on victims’ systems, perform speedy encryption, and remove backup and shadow copies. Organizations are recommended to keep track of the threats by following the latest IOCs associated with the ransomware.