Here's how the world's smallest banking trojan works

Source code of the world’s smallest banking trojan Tinba has been posted on an underground forum, according to Danish security group CSIS.

The code is from the first version of the malware taken over by criminals in 2012 and, though functional, is said not to be used in current attacks.

Peter Kruse, partner at CSIS, said: "The Tinba leaked source code comes with a complete documentation and full source code. It is nicely structured and our initial analysis proves that the code works smoothly and compiles just fine."

Tinba, also known as Tiny Banker, is said to be just 20KB in size, though the source code comes in at around 2MB.

It works by connecting to browsers to steal login details and monitor network traffic, mimicking webpages to trick banking customers into revealing their information by bypassing two factor authentication.

"We don’t expect the source code of Tinba to become a major inspiration for IT-criminals as it was the case for [the trojan] ZeuS," Kruse added.

"However, making the code public increases the risk of new banker trojans to arise based partially on Tinba source code."

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing