Security News > 2020 > March > Zeus Sphinx Banking Trojan Arises Amid COVID-19

Zeus Sphinx Banking Trojan Arises Amid COVID-19
2020-03-30 18:19

The Zeus Sphinx banking trojan is back after being off the scene for nearly three years.

First seen in August 2015, Sphinx is a modular malware based on the leaked source code of the infamous Zeus banking trojan, the researchers explained.

Like other banking trojans, Sphinx's core capability is to harvest online account credentials for online banking sites.

When infected users land on a targeted online banking portal, Sphinx dynamically fetches web injections from its command-and-control server to modify the page that the user sees, so that the information that the user enters into the log-in fields is sent to the cybercriminals.

In the latest campaigns, Sphinx is spreading via coronavirus-themed email sent to victims in the U.S., Canada and Australia, housed in malicious attachments named "COVID 19 relief," according to an X-Force blog posting on Monday.


News URL

https://threatpost.com/zeus-sphinx-banking-trojan-covid-19/154274/