Original code for ‘Tinba’ banking malware leaked to criminals

The initial, privately sold version of the crimeware kit has been published on an underground Web forum.

Tinba is known as the smallest bank credential-stealing software on the Web.

It performs many of the same functions as other so-called Trojans, “injecting itself into running processes on an infected machine, including the browser and explorer.exe,” Kaspersky reports. The malware “makes each infected computer part of a botnet. Compromised machines communicate with command-and-control servers over encrypted channels.”

The program’s name is derived from the phrase “tiny banker.”

Researchers at CSIS in Denmark, who were the first to discover Tinba, last week found a post on an underground cybercrime forum that included an attachment containing the Tinba source code. While this is the earliest version of the malware, it works without a hitch.  

Around 2012, “the Tinba version 1 source code was taken over by new criminals and it is precisely the version 1 source code which has now been made available to the public,” CSIS security specialist Peter Kruse said in a post