A banking Trojan known as Tinba, Tiny Banker, or Zusy could cause huge problems for banks and credit unions. The malware steals login information and network traffic, and uses injected code to alter the appearance of banking websites on compromised machines. It is designed to foil two-factor authentication technologies and other security elements employed by banks.
Adding to Tinba’s threat is its small size: at 20 KB, it is a new breed of banking Trojan. Despite being much smaller than the typical banking Trojan, it contains all the code necessary to compromise sensitive information.
Visit the following sites for more information on Tinba and the threat it poses to financial institutions:
CSIS Security Group, “Say hello to Tinba: World’s smallest Trojan-banker” http://www.csis.dk/en/csis/news/3566
The Register, “Small banking Trojan poses major risk” http://packetstormsecurity.org/news/view/21065/Small-Banking-Trojan-Poses-Huge-Risk.html
SecurityWeek, “Tiny Tinba Malware Proves Not All Threats Come in Supersize Form” http://www.securityweek.com/tiny-tinba-malware-proves-not-all-threats-come-supersize-form