Researchers from the Polish CERT team published this fascinating blog on their attempts to narrow the search space and brute force Phobos ransomware using GPUs for parallel processing:
https://cert.pl/en/posts/2023/02/breaking-phobos/
Discussion from Hacker News: https://news.ycombinator.com/item?id=34923842
My favorite part is their estimate of how a network the size of Bitcoin could make short work of the search space:
2**67
sha256 invocations is still a lot, but it's getting manageable. For example, this is coincidentally almost exactly the current BTC hash rate. This means, if the whole BTC network was repurposed to decrypting Phobos victims instead of pointlessly burning electricity, it would decrypt one victim per second