There is a new banking malware whose base source code is that of the sophisticated and notorious Zeus Trojan. The new malware is called Sphinx and is on sale for the equivalent of $500 in Bitcoin per copy.
Sphinx has been developed using the Tor anonymity network. According to its creators, it is immune to blacklisting and sinkholing, and is not easily caught by abuse.ch’s Zeus Tracker tool. They added that a buyer of Sphinx won’t need bulletproof hosting in order to run a botnet, although they do recommend using it.
Among the many features Sphinx boasts is form grabbing for numerous web-based software. It also offers webinjects for Internet Explorer, Tor Browser and Firefox, a keylogger, a POP3 and FTP grabber, and a certificate grabber.
The malware is designed to work seamlessly on Windows Vista and Windows 7. It works on these operating systems with User Account Control (UAC) enabled. The developers added that Sphinx also works on accounts with low privileges, such as ‘Guest’ accounts.
According to the developers, Sphinx’s Backconnect VNC lets its user initiate money transfers directly from the victim’s computer. This feature also comes in handy for disabling all the security measures that the victim has installed on the computer. Sphinx’s Backconnect SOCKS allows the attacker to use victims’ machines as SOCKS proxies. This is according to a report released on August 15th, 2015 on the malware’s advertising forum.
Sphinx enables its owner not only to steal basic digital certificates but also to use them to sign malware and webinjects. Webinjects are used to access and manipulate the content of a website, which then tricks internet users into giving up sensitive personal information. It is a serious threat that can sweep all of your bank and credit card accounts clean.