DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
DarkVision Hardware - Daily tech news
January 23, 2020 
Tinba malware updates itself to make removal harder

Posted on Friday, June 26 2015 @ 12:22:15 CEST by

Malwarebytes discovered a new piece of malware named Tinba. This Trojan automatically updates both itself and its command servers to try to stay one step ahead of anti-virus tools. Tinba is spread via "malvertising" campaigns: it uses ads embedded within a URL shortener service to lead users to the HanJuan exploit kit (EK). The goal of Tinba is to steal user credentials, passwords and other sensitive data.
"Often times cyber criminals will use URL shorteners to disguise malicious links," the blog post explains. "However, in this particular case, it is embedded advertisement within the URL shortener service that leads to the malicious site.

"It all begins with Adf.ly, which uses interstitial advertising, a technique where adverts are displayed on the page for a few seconds before the user is taken to the actual content."

Following a complex malvertising redirection chain, the HanJuan EK is loaded and fires Flash Player and Internet Explorer exploits before dropping a payload onto disk.

"The payload we collected uses several layers of encryption within the binary itself but also in its communications with its command and control server," added the firm.
Full details at The Inquirer and MalwareBytes.

Tinba infection chain


