Zeus Sphinx Banking Trojan is Revived Under the Guise of COVID-19 Assistance



iStock-1144604134The 5-year old malware variant has reared its ugly head once again after a three-year hiatus – this time attempting to take advantage of the need for COVID-19 financial assistance.

In the midst of a huge uptick in coronavirus-themed phishing and spear phishing attacks, it appears the those responsible for the Zeus Sphinx trojan have wiped off the dust and are looking to leverage the interest by individuals and businesses alike to gain access to the victim’s online banking. According to researchers an IBM X-Force, the trojan uses booby-trapped documents under the guise of COVID-29 assistance that launch a multi-step process to infect the victim’s endpoint with a web inject platform, called Tables, that has been around since 2014.

The intent of the malware is to collect logon credentials as users attempt to access online banking, sending them back for later use by their authors. The Tables platform uses banking site-specific code to make the user believe they are, indeed, logging onto their bank when they are instead compromising their credentials.

At a time when users are working from home, the future is uncertain, and everyone could use a little assistance, the offer of free monetary assistance is enough motivation to get potential victims to do as asked by the senders of phishing scams like these.

Organizations need to ensure that even while working remotely, users have a layered defense in place that includes scanning emails before they are sent to the user’s Inbox, protecting endpoints with AV, preventing malicious code from running using endpoint detection and response, and educating the user with Security Awareness Training to not fall for scams like these – regardless of the theming, promise made, or how tempting they appear to be.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/kmsat-request-a-demo

Subscribe To Our Blog


Ransomware Has Gone Nuclear Webinar




Get the latest about social engineering

Subscribe to CyberheistNews