Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:36:57 UTC
Home > List all groups > List all tools > List all groups using tool Tinba
 Tool: Tinba
Names
Tinba
Tiny Banker
TinyBanker
Tina
Illi
Zusy
Category Malware
Type Banking trojan, Credential stealer
Description
(Trend Micro) Tinba is a small data stealing Trojan-banker. It hooks into browsers and
steals login data, as well as sniffs network traffic. As with several other sophisticated
banker-Trojans, it also uses Man in the Browser (MiTB) tricks and Web injects to change
the look and feel of certain Web pages. Its purpose is to circumvent Two Factor
Authentication (2FA) or to trick the infected user into providing additional sensitive data
such as credit card data.
Tinba is the smallest Trojan-banker CSIS has encountered to date, and it belongs to a new
family of malware. The code is approximately 20 KB in size (including configuration and
Web injects) and is simple without any packing or advanced encryption. Analyzed
samples show that the antivirus detection is low.
Information

world/>
Malpedia AlienVault OTX Last change to this tool card: 28 December 2022
Download this tool card in JSON format
All groups using tool Tinba
Changed Name Country Observed
Other groups
 Retefe Gang, Operation Emmental 2013
1 group listed (0 APT, 1 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=b3b23d2b-3498-486f-a47f-e24ce93ed5fd
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=b3b23d2b-3498-486f-a47f-e24ce93ed5fd
Page 2 of 2