Dell SecureWorks discovers malware attack targeting Russian banks

The cybercriminals behind this campaign are supposed to be operating a huge botnet spreading the Tinba 2.0 banking Trojan, and collecting financial information from its victims

Tinba is a popular threat in the IT security domain, and it is active since few years mainly focusing on European, Japanese and North American targets.

Two versions exist, but Tinba 1.0s source code was publically leaked in 2014 and several cybercrime gangs have stopped employing it since then. Soon after, Tinba 2.0 appeared and just like Tinba 1.0, it is supposed to be the innovation of an Easter European cybercriminal.

Tinba 2.0 is traded in the underground market as a botnet kit permitting anyone who buys it to install their own C&C server, configure diverse security and validation techniques to avoid detection, tweaking the MO (modus-operandi) of the Trojan to enable them to aim at specific targets.

The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.

The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.

Categories

Payments

Fraud and Fincrime

Fintech

Crypto, Web3 and CBDC

Regulations

M&A and Investments

Current themes

A2A Payments

Payment Orchestration

TradFi and DeFi Convergence

KYC, KYB and Digital Identity