The cybercriminals behind this campaign are supposed to be operating a huge botnet spreading the Tinba 2.0 banking Trojan, and collecting financial information from its victims
Tinba is a popular threat in the IT security domain, and it is active since few years mainly focusing on European, Japanese and North American targets.
Two versions exist, but Tinba 1.0s source code was publically leaked in 2014 and several cybercrime gangs have stopped employing it since then. Soon after, Tinba 2.0 appeared and just like Tinba 1.0, it is supposed to be the innovation of an Easter European cybercriminal.
Tinba 2.0 is traded in the underground market as a botnet kit permitting anyone who buys it to install their own C&C server, configure diverse security and validation techniques to avoid detection, tweaking the MO (modus-operandi) of the Trojan to enable them to aim at specific targets.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now