LevelBlue - Open Threat Exchange
By Gnostis
Archived: 2026-04-06 02:52:28 UTC
171 Subscribers
171 Subscribers
https://otx.alienvault.com/browse/pulses?q=tag:Fobber
Page 1 of 3

Threat Research | FireEye Inc
Find out more about FireEye.com, the world's leading cyber security company, which provides security services to
more than 1.5 million customers across the globe, and offers a wide range of products and services.
https://otx.alienvault.com/browse/pulses?q=tag:Fobber
Page 2 of 3

17 Subscribers
Active Fobber DGA(s) for 20190706
Some active Fobber domains generated via DGA for 20190706. For our Enterprise Threat Data services, please
visit https://malwarepatrol.net/ or contact us at commercial@malwarepatrol.net.
3,431 Subscribers
New Banking Trojan Fobber, a new variant of Tinba
Fobber, a new variant of Tinba uses an interesting and unusual approach to make static analysis harder: In the
original sample, there was no sign of Man-in-the-Browser (MitB) aiming to steal banking credentials but, since
the malware has the capability to update itself, this possibility can be later added by the attackers. On our analysis,
apart from the update feature, we only found the form-grabbing / cookie stealing malicious feature. Although this
analysis is pretty comprehensive, this cannot be considerate ultimate, there are still pieces of the puzzles missing
and possible misinterpretation in it.
350 Subscribers
Source: https://otx.alienvault.com/browse/pulses?q=tag:Fobber
https://otx.alienvault.com/browse/pulses?q=tag:Fobber
Page 3 of 3