The Great DGA of Sphinx

October 18, 2016 Dennis Schwarz

This post takes a quick look at Sphinx’s domain generation algorithm (DGA). Sphinx, another Zeus-based banking trojan variant, has been around since circa August 2015. The DGA domains are used as a backup mechanism for when the primary hardcoded command and control (C2) servers go down. It is currently unknown to us as to what version […]
