Trojan.Tinba

Tinba is a banking Trojan whose purpose is to steal online banking credentials that victims enter in their browser. Tinba is primarily spread through malvertising campaigns, exploit kits and the ever-topical spam email campaigns. The main targets of the Trojan are bank customers residing in the United States and Europe.

The way Trojan.Tinba steals its victims online banking information is by using code injections that modify the portal pages of legitimate banking websites. The victim is presented with a very legitimate-looking, yet completely fake and malicious login interface for their respective bank. Using this login interface to enter sensitive data results in the login credentials being syphoned to the bad actors behind the Trojan.

Once the victim hits specific banking portals that are hard-coded in the malware, the original login interface is swapped with the malicious one through web injection. The web code injections are kept on the victim's hard drive and are encrypted using a key. The key itself is the name of the directory where the injection files are kept. Once it needs to inject the malicious code, Tinba decrypts it entirely and injects it in the browser's memory footprint with no other safety measures, which makes spotting the issue relatively easy for security researchers. The code injection itself and the fake info-stealing login interface use code that is very similar to that used by the Zeus banking Trojan.

Tinba is also known for resorting to social engineering tactics to urge its victims to enter their credentials in the fake login forms, even if the user did not originally intend to do any online banking. Such tactics include fake messages that the victim received an erroneous bank transfer and needs to refund the sum immediately, to avoid further trouble. Similar scare tactics are used by a lot of other types of malware, including rogue antivirus software and some niche cases of ransomware that attempt to scare the user into submission.

SpyHunter Detects & Remove Trojan.Tinba