Menu
Source code for tiny 'Tinba' banking malware leaked

Source code for tiny 'Tinba' banking malware leaked

The code has appeared in an underground forum, according to Denmark-based security company CSIS

The source code for an impressively small type of banking malware called Tinba has been leaked on an underground forum, according to CSIS Security Group.

The source code for an impressively small type of banking malware called Tinba has been leaked on an underground forum, according to CSIS Security Group.

The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.

The program, known as "Tinba" or "Zusy", was discovered around mid-2012 and infected tens of thousands of computers in Turkey. It is notable for having a very small code base - just 20K - but capabilities similar to malware much larger in size.

Last week, CSIS found a post in an underground forum that included source code for Tinba, which turned out to be the same code studied a couple of years ago by the company, wrote Peter Kruse, CTO of CSIS.

The leak of its source code means other cybercriminals could begin using it, as such programs are often only offered for sale in forums. The source code for an online banking malware program called Zeus was leaked in 2011, which opened up its use to a wider range of cybercriminals, CSIS noted.

Although Tinba's source code release is unlikely to have the same impact as Zeus, "making the code public increases the risk of new banker Trojans to arise based partially on Tinba source code," Kruse wrote. The code appears to be from an early version of Tinba.

Kruse wrote that CSIS gave a presentation at a recent conference in Boston that covered Tinba, which described how its analysts believe the original malware code was sold and then improved upon by other developers.

Tinba can interfere with online banking sessions, creating new fields that users must fill out during an online banking session. That information can then be used to compromise their accounts.

In a joint report released in 2012, CSIS and Trend Micro wrote that more than 60,000 computers in Turkey appeared to be infected with Tinba. Tinba appeared to be distributed using Blackhole, a now shuttered exploit kit that probed computers for software vulnerabilities and delivered malware if a computer doesn't have current patches.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareCSIS Security Group

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments