The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes. The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the use of coronavirus themes. Since April, it has been seen attacking U.S. targets with a few changed processes. The main upgrades in the latest version, which harvests user credentials and other personal information from online banking sessions, can be found in the process-injection and bot-configuration aspects if the malware’s operations, according to researchers.