Last week, underground market forums were lit up by the emergence of Sphinx, dubbed as the renaissance of the ZeuS banking malware. The Trojan kit piqued the interest of many potential buyers in the black market with features that resembled its predecessor—one of the first online banking Trojans to operate fully through the Tor network.
After admins swore of its legitimacy, the Trojan that was being peddled promised elaborate features for theft and evasion. In fact, the demand has propelled Sphinx creators to double its initial asking price of $500 USD to $1000 USD. However, shortly after it made the rounds, users caught on and reported that the malware didn't work as promised.
Motherboard shared several user comments, corroborating claims that Sphinx is yet another trick to rake in profit, ironically from those who have the same intention as its so-called developers. Testimonials saying that the advertised kit on sale was in fact, a scam, are now verified.
In a hacking forum, a dissatisfied buyer showed a detailed conversation with the creators behind the banking Trojan. It showed how the customer aired issues with how the malware routes through Tor. The same user also noted how this is not just an isolated case, but a common issue among those who have purchased the product. Trend Micro researchers also received information that the developer behind Sphinx has been banned from multiple underground forums for scamming.
Users are constantly reminded to be careful of what they click and what they buy online. It looks like attackers, or at least those who have shown interest in the Sphinx kit, are getting a dose of their own medicine as it seems that a lot of would-be scammers just got scammed.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.