Source Code Leaked For Tinba Banking Trojan

Posted by timothy on Saturday July 12, 2014 @03:43PM from the small-can-be-potent dept.

msm1267 (2804139) writes "The source code for Tinba, known as the smallest banker Trojan in circulation, has been posted on an underground forum. Researchers say that the files turned out to be the source code for version one of Tinba, which was identified in 2012, and is the original, privately sold version of the crimeware kit. Tinba performs many of the same malicious functions as other banker Trojans, injecting itself into running processes on an infected machine, including the browser and explorer.exe. The malware is designed to steal financial information, including banking credentials and credit-card data and also makes each infected computer part of a botnet. Compromised machines communicate with command-and-control servers over encrypted channels. Tinba got its name from an abbreviation of "tiny banker," and researchers say that it's only about 20 KB in size."

4 of 75 comments (clear)

Min score:

Reason:

Sort:

20k by Anonymous Coward · 2014-07-12 15:51 · Score: 5, Funny

this makes the trojan the least bloaty program on the average windows PC.
1. Re:20k by CaptnZilog · 2014-07-12 16:25 · Score: 5, Insightful
  
  If we could get the hired at MS maybe windows could run on a 256M machine. :P
Windows DLL injection attack vector. by Animats · 2014-07-12 19:38 · Score: 5, Interesting

Remind me again why Windows has the capability to "inject" a new DLL into a running process from outside the process.
1. Re:Windows DLL injection attack vector. by Anonymous Coward · 2014-07-12 19:48 · Score: 5, Insightful
  
  I'm sure the NSA will let us know is due course.