In 2011, the source code for the ZeuS crimekit was leaked on the Internet. CSIS was the first to report this and the blog can be found here: https://www.csis.dk/en/csis/blog/3229/. As a direct result of the ZeuS source code leak, several IT-criminals have been inspired and have even improved the code for newer and more powerful commercial crimekits such as Citadel. Later in mid 2012, we broke the news about the smallest Trojan banker ever discovered, which we dubbed "Tinba" (aka Tinybanker) because of its small size (only approximately 20KB in size).
more here............https://www.csis.dk/en/csis/news/4303/
more here............https://www.csis.dk/en/csis/news/4303/