Tinba

Also known as Tiny Banking Trojan, Tinba was first discovered in the wild in 2012 when it was found to have infected a number of computers in Turkey. It is the smallest banking trojan known, consisting only of a 20 KB file. It typically runs geo-specific campaigns, though varies its regions. Tinba’s code was first leaked in 2014 and proved to be a useful resource for malware researchers to analyze. Tinba has also been linked to other banking trojans in the past. It is allegedly a highly modified version of Zeus, as it has a similar architecture. In 2016, F5 labs reported that Tinba and Gozi used almost identical web injects. They seem to have been bought from the same webinject workshop. Tinba has not been in the news recently, but it would be naive to think that it is gone for good.