ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Tinba

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Tinba

NamesTinba
Tiny Banker
Tina
Illi
Zusy
CategoryMalware
TypeBanking trojan, Credential stealer
Description(Trend Micro) Tinba is a small data stealing Trojan-banker. It hooks into browsers and steals login data, as well as sniffs network traffic. As with several other sophisticated banker-Trojans, it also uses Man in the Browser (MiTB) tricks and Web injects to change the look and feel of certain Web pages. Its purpose is to circumvent Two Factor Authentication (2FA) or to trick the infected user into providing additional sensitive data such as credit card data.

Tinba is the smallest Trojan-banker CSIS has encountered to date, and it belongs to a new family of malware. The code is approximately 20 KB in size (including configuration and Web injects) and is simple without any packing or advanced encryption. Analyzed samples show that the antivirus detection is low.
Information<https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp_w32-tinba-tinybanker.pdf>
<https://labsblog.f-secure.com/2016/01/18/analyzing-tinba-configuration-data/>
<http://www.theregister.co.uk/2012/06/04/small_banking_trojan/>
<https://securityintelligence.com/tinba-trojan-sets-its-sights-on-romania/>
<https://securityblog.switch.ch/2015/06/18/so-long-and-thanks-for-all-the-domains/>
<http://contagiodump.blogspot.com/2012/06/amazon.html>
<https://www.zscaler.com/blogs/research/look-recent-tinba-banking-trojan-variant>
<http://stopmalvertising.com/malware-reports/mini-analysis-of-the-tinybanker-tinba.html>
<http://securityintelligence.com/tinba-malware-reloaded-and-attacking-banks-around-the-world/>
<https://github.com/nyx0/Tinba>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.tinba>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:TinyBanker>

Last change to this tool card: 21 May 2020

Download this tool card in JSON format

Previous: TIDYELF
Next: TinyCryptor

All groups using tool Tinba

ChangedNameCountryObserved

Other groups

 Retefe Gang, Operation EmmentalRussia2013 

1 group listed (0 APT, 1 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key