Zeus Sphinx revamped as coronavirus relief payment attack wave continues

The Zeus Sphinx banking Trojan is now receiving frequent updates and upgrades to its malicious arsenal while being deployed in active coronavirus scams.

On Monday, IBM Security researcher Nir Shwarts said the company has been tracking the evolution of the malware which is based on the leaked codebase of the well-known Zeus v.2 Trojan.

Zeus Sphinx — also referred to as Zloader or Terdot — first emerged in 2015 and was used in attacks launched against US banks. However, the malware vanished from the criminal scene and, with the exception of a handful of campaigns over the years, lay dormant until now, when it has once again been spotted in attacks against banks — as well as a new campaign related to COVID-19.

Read more…
Source: ZDNet