by Shaleen S
Researchers have discovered a new Trojan that is able to circumvent banking security. The Trojan is called ‘Tinba’. Its file size is only 20 KB, yet it can do the equivalent of much larger and more sophisticated malware, which makes it all the more alarming for banks. The main purpose of Tinba is to steal banking login information when users log in, but it has also been used for other purposes. The Trojan works by injecting itself into the Windows svchost.exe and explorer.exe processes, both of which are required for Windows to run normally. Explorer.exe is the process that provides the Start menu and desktop features, among others, and svchost.exe hosts and runs services implemented as .dll files. svchost.exe cannot be stopped or restarted manually; Windows needs it to run the operating system, period. Easy examples of what it runs are printing services or fax services. By doing this, Tinba gains access to the user's Windows session, and it also injects itself into browsers. It has been able to do so successfully in Mozilla Firefox and Internet Explorer. This gives it access to all incoming and outgoing traffic through those browsers.
It is not unusual for malware to do the things described above, but doing them in just 20 KB is really efficient. Prudent researchers believe that size does matter, and this Trojan is the work of a really sophisticated developer. Tinba by itself may be handled, but this type of development paves the way for many other slick, inconspicuous pieces of malware that can seep in quietly.
As of now, infection levels are unknown, but banking viruses work in such a way that they are truly invisible until an incident comes to light. People might have heard about a similar virus attack called ‘Flame’, which caused great disturbance in Iran's computer systems. As new technology emerges, its counterparts develop too, and therefore one always has to be careful about what one does online. These days everything is trackable and traceable, and the bad people want the opposite: they don’t want to be tracked or traced. The victims are the people in between.
Dunn, John E. “‘Tinba’ Bank Trojan Burrows into Browsers to Steal Logins.” PCWorld. 3 June 2012. Web. 03 June 2012. <http://www.pcworld.com/article/256710/tinba_bank_trojan_burrows_into_browsers_to_steal_logins.html>.