Members
  • Total Members: 12814
  • Latest: Rono
Stats
  • Total Posts: 28518
  • Total Topics: 8240
  • Online Today: 976
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: "Tinba" aka "Zusy" malware targets online bank accounts  (Read 918 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.

The program, known as “Tinba” or “Zusy,” was discovered around mid-2012 and infected tens of thousands of computers in Turkey. It is notable for having a very small code base—just 20K—but capabilities similar to malware much larger in size.

Last week, CSIS found a post in an underground forum that included source code for Tinba, which turned out to be the same code studied a couple of years ago by the company, wrote Peter Kruse, CTO of CSIS: https://www.csis.dk/en/csis/news/4303/

The leak of its source code means other cybercriminals could begin using it, as such programs are often only offered for sale in forums. The source code for an online banking malware program called Zeus was leaked in 2011, which opened up its use to a wider range of cybercriminals, CSIS noted.

Although Tinba’s source code release is unlikely to have the same impact as Zeus, “making the code public increases the risk of new banker Trojans to arise based partially on Tinba source code,” Kruse wrote. The code appears to be from an early version of Tinba.

Kruse wrote that CSIS gave a presentation at a recent conference in Boston that covered Tinba, which described how its analysts believe the original malware code was sold and then improved upon by other developers.

Tinba can interfere with online banking sessions, creating new fields that users must fill out during an online banking session. That information can then be used to compromise their accounts.

In a joint report released in 2012, CSIS and Trend Micro wrote that more than 60,000 computers in Turkey appeared to be infected with Tinba: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_w32-tinba-tinybanker.pdf
Tinba appeared to be distributed using Blackhole, a now shuttered exploit kit that probed computers for software vulnerabilities and delivered malware if a computer doesn’t have current patches.

(PCW)

Samker's Computer Forum - SCforum.info





hyorinpoppy

  • SCF Newbie
  • *
  • Posts: 1
  • KARMA: -1
  • Gender: Male
Re: "Tinba" aka "Zusy" malware targets online bank accounts
« Reply #1 on: 01. September 2014., 06:11:32 »

With me I'm reading a lot more understanding. Read several other web site for me. I'm reading this to understand it better.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Re: "Tinba" aka "Zusy" malware targets online bank accounts
« Reply #2 on: 02. September 2014., 19:50:27 »

With me I'm reading a lot more understanding. Read several other web site for me. I'm reading this to understand it better.

That's great  ::) , did you need some help with understanding of this Topic?

cya later,

S.

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising