A post in an underground forum has leaked the source code for the Tinba malware program aimed at online banking, according to a blog post penned by Peter Kruse, CTO of Denmark-based CSIS Security Group.

Noting that CSIS was the first to break the news of the “smallest Trojan banker ever discovered” in 2012 and teamed with TrendMicro to report on its use in Turkey, Kruse wrote that Tinba (for tinybanker) has been “taken over by new criminals and it is precisely the version 1 source code which has now been made available to the public and not the code being used in current and ongoing attacks.”

The underground forum post provided complete documentation as well as the full source code.

Calling it “nicely structured,” Kruse wrote, “our initial analysis proves that the code works smoothly and compiles just fine.”