Home News Ginp Banking Trojan Lures Android Users Amidst COVID-19 Outbreak

Ginp Banking Trojan Lures Android Users Amidst COVID-19 Outbreak

Banking Frauds

The outbreak of the novel Coronavirus (COVID-19) is giving rise to threats related to cybersecurity and data privacy. One such threat, according to Kaspersky researchers, is the Ginp Banking Trojan, which takes advantage of Android users. The infamous Trojan is known to steal credit card credentials of potential victims.

The Ginp Clickbait

Once the Ginp Banking Trojan is downloaded on the victims’ phone, the attacker sends a special command to the Trojan to open a web page titled “Coronavirus Finder.” The Coronavirus Finder web page displays the number of people infected with the virus near the victim’s location. It then asks them to pay 0.75 Euros to see the location of the virus-infected persons. If the victims agree to pay, the Trojan redirects them to a payment page, where the payment details need to be entered. Once the details are entered, the victims are neither charged, nor do they receive any information about the location of the infected persons. Instead, the credit card details of the victims are accessed.

Kaspersky’s Security Expert, Alexander Eremin, said, “Cybercriminals have, for months, attempted to take advantage of the coronavirus crisis by launching phishing attacks and creating coronavirus-themed malware. This is the first time, though, we’ve seen a banking Trojan attempting to capitalize on the pandemic. It’s alarming, particularly since Ginp is such an effective Trojan. We encourage Android users to be particularly vigilant at this time–pop-ups, unfamiliar web pages, and spontaneous messages about coronavirus should always be viewed skeptically.”

Precautionary Measures Against Ginp

Researchers at Kaspersky suggested precautionary measures to avoid the exposure to the banking Trojan, which include:

  • Install or update Android apps only from Google Play.
  • Do not click on suspicious links and never give away sensitive information, such as logins, passwords or credit card information.
  • Do not give the Accessibility permission to apps that request it, other than anti-virus apps.

Not the First Time

The Ginp Trojan, which was first discovered in October 2019 by Kaspersky expert Tatyana Shishkova, had targeted Spanish banks as well as legitimate banking apps per bank. The Trojan exploited the Accessibility Service privilege to send messages and make calls, without the knowledge of the victims.


Subscribe Now to receive Free Newsletter

* indicates required

By submitting this form, you are consenting to receive marketing emails from: EC-Council, 101 C Sun Ave. NE, Albuquerque, NM, 87109, http://www.eccouncil.org. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact