Tinba (Tiny Banker) is one of the smallest banking trojans publicly documented, with a footprint around 20KB that nonetheless implements full webinject, form-grabbing, and man-in-the-browser capabilities. It primarily targeted European banking customers from 2012 onward, and the leaked Tinba source code spawned multiple derivative campaigns. Tinba is often classified alongside or as Zusy by various AV vendors.
This family has been observed using the following ATT&CK techniques: T1185 T1071.001 T1055
Tinba (Tiny Banker) is one of the smallest banking trojans publicly documented, with a footprint around 20KB that nonetheless implements full webinject, form-grabbing, and man-in-the-browser capabilities. It primarily targeted European banking customers from 2012 onward, and the leaked Tinba source code spawned multiple derivative campaigns. Tinba is often classified alongside or as Zusy by various AV vendors.
Tinba (Tiny Banker) is one of the smallest banking trojans (~20KB) and spreads through exploit kits, phishing, and malvertising campaigns.
Browser web-injects on banking sites, prompts for additional credentials or 2FA codes, and antivirus references to Tinba, TinyBanker, or Zusy are signature indicators.
If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.
Get this profile as JSON: https://jordanricky1604-ship-it.github.io/malware-families-catalog/api/tinba.json
This profile is part of the Malware Families Catalog, a public dataset of 2,899 malware families extracted from the EMBER 2018 benchmark. The catalog is also published on Hugging Face and Kaggle.