Beware Of The Ginp Android Banking Trojan That Milks Your Money

Ginp Android Banking Trojan demands money for showing people infected with COVID-19 nearby – don’t fall for the bait


An infamous trojan takes advantage of the corona pandemic to open a ‘corona data finder, that claims to give an updated data on new corona infections.

Dubbed, the Ginp banking Trojan, it originally acquired the ability to insert fake text messages into the inbox of a regular SMS app back in March, but now has a new functionality, to takes advantage of the recent pandemic.

“Cybercriminals have, for months, attempted to take advantage of the Coronavirus crisis by launching phishing attacks and creating Coronavirus-themed malware. This is the first time, though, we’ve seen a banking Trojan attempting to capitalise on the pandemic. It’s alarming, particularly since Ginp is such an effective Trojan. We encourage Android users to be particularly vigilant at this time—pop-ups, unfamiliar webpages, and spontaneous messages about Coronavirus should always be viewed skeptically,” says Alexander Eremin, security expert at Kaspersky.

Once downloaded on a victim’s phone, the Ginp Trojan can receive a command from the attacker to open a webpage titled “Coronavirus Finder”, which claims there are people nearby infected with the virus. In order to learn where these individuals are, the victim is asked to pay .75 euros.

A victim shared their encounter on social media

If the victim agrees, he or she is transferred to a payment page. Once the payment details have been entered, however, the victim is neither charged this sum nor does he or she receive any information about those “infected”. Instead, their credit card information has just been handed over to cybercriminals.

Ginp is a Trojan that has rapidly evolved since it first appeared, consistently acquiring new capabilities. In addition, while in the past the targets have primarily been residents of Spain, the name of this latest version suggests the attackers are planning to target other countries.

Kaspersky products successfully detect and block the threat.

To reduce the risk of being exposed to Ginp or other banking Trojans, Kaspersky experts recommend:

  • Only download apps from the official Android Stores.
  • Don’t click on suspicious links and never give away sensitive information, such as passwords or credit card information.
  • Install a reliable security solution on your phone, like Kaspersku Sedurity for Android,  that protects from a wide range of threats including banking Trojans


Do you have a story that you think would interest our readers?
Write to us


Please enter your comment!
Please enter your name here
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.