A new variant of the Zeus banking trojan, named Sphinx, is available on the dark web. Sphinx is written in C++. It can only be accessed through the Tor network. As the latest variant of the Zeus malware, Sphinx comes with the following features:
Features Of Sphinx
- Certificate Grabber
- Backconnect Socks and VNC
- Webinjects and Webfakes
- XMPP Notification
- Scripts and Botlists
- Statistics
Certificate grabber
Sphinx can intercept certificates while a secure connection is being established or a file is being signed. Sphinx uses digital certificates to sign the malware in order to bypass antivirus.
Backconnect Socks and VNC
BackConnect VNC allows the attacker to transfer money from the victim's bank account. It also allows the attacker to disable the firewall and antivirus solution. Because a reverse connection is used, the attacker does not need port forwarding. It also protects the attacker's identity by running VNC on a different desktop than the victim's desktop.
Webinjects and Webfakes
A webinject is used to change the content of a website. The attacker uses webinjects to obtain the victim's credit card data. Webfakes inject complete fake pages that are replicas of a target entity's webpage, without changing the URL.
XMPP Notification
XMPP notifications alert the attacker when a user enters defined resources. The notifications are received in a Jabber account.
Scripts and Botlists
The attacker creates scripts to control the activity of bots, and botlists are used to filter the bots by country, IP address, and so on. The botlist displays complete details of each bot, such as the bot's country, IP address, operating system, operating system version, location, and even the victim's display in real time.
Statistics
- Number of infected computers.
- Current number of bots online.
- The number of new bots.
- Daily activity of bots.
- Country statistics.
- Statistics by OS
How does Sphinx get into PC?
Many PC users have no idea how Sphinx gets onto their computer, since they use their PC as usual. In most cases, Sphinx is sent out as an attachment to many email addresses; once a user opens the attachment, Sphinx installs itself on the victim's PC immediately. Additionally, Sphinx can automatically find vulnerabilities in the machine and gain access via exploit kits. Apart from this, visiting harmful websites such as porn sites and downloading software from unreliable Internet sources can bring Sphinx onto the machine.
How to Buy Banking Trojan Sphinx?
- Download and Install Tor Browser
- Go to the website https://crimenetwork.biz/index.php?/topic/159726-sphinx-banking-trojan/
- Sign up and log in to the account
- Make payment of $500 USD via Bitcoin and Dash
- After the seller verifies the payment, the buyer's account is enabled to edit the config and request a build.