CyberSecurity/Data

Here's how the world's smallest banking trojan works

Data Jimmy Nicholls

09:07, July 14 2014

image

image

Source code for malware leaked onto underground forum.

Source code of the world's smallest banking trojan Tinba has been posted on an underground forum, according to Danish security group CSIS.

The code is from the first version of the malware taken over by criminals in 2012 and, though functional, is said not to be used in current attacks.

Peter Kruse, partner at CSIS, said: "The Tinba leaked source code comes with a complete documentation and full source code. It is nicely structured and our initial analysis proves that the code works smoothly and compiles just fine."

Tinba, also known as Tiny Banker, is said to be just 20KB in size, though the source code comes in at around 2MB.

It works by connecting to browsers to steal login details and monitor network traffic, mimicking webpages to trick banking customers into revealing their information by bypassing two factor authentication.

"We don't expect the source code of Tinba to become a major inspiration for IT-criminals as it was the case for [the trojan] ZeuS," Kruse added.

"However, making the code public increases the risk of new banker trojans to arise based partially on Tinba source code."



Source: Company Press Release

Comments

Post a comment

Comments may be moderated for spam, obscenities or defamation.