In association with heise online

01 June 2012, 15:17

Tiny banking trojan can do a lot of damage

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Virus icon

Security experts at CSIS say that they have discovered the smallest online banking trojan to affect Windows systems yet. Called Tiny Banker (Tinba), the malware is just barely 20KB in size, including its configuration files.

Like Zeus, Tinba uses man-in-the-browser techniques and easily extendable configuration files to manipulate bank web sites via webinjects. Webinjects can be used, for example, to create additional fields for numerical single-use passwords that the attackers can then leverage to authorise fraudulent payments. Tinba can also uncover standard passwords and monitor network traffic.

Tinba is a bot in the classical sense; it uses an encoded connection to deliver data it has collected to a command and control server, which in turn gives the bot new orders. According to CSIS, Tinba has only been used on a very small number of banking web sites so far, but its modular structure means that the perpetrators should not have any problems adding other sites to that list.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit