New Ginp banking malware targets credit/debit card information via screen overlay
By MYBRANDBOOK
A new form of sophisticated Android banking malware named “Ginp” has been uncovered by researchers. It targets Android users via screen overlay attack to steal banking credentials, SMS & credit/debit card details to empty victims’ bank account.
The Ginp malware was initially spotted at the end of the October 2019; since then the malware is continuously under development, and 5 different versions of the Trojan have been released.
It is being studied that attackers are mainly interested in Spanish based bank users. They are also continuously releasing regular updates, and some evidence found the Gip malware copying code from infamous Anubis banking Trojan.
Ginp is using multiple step overlay to avoid raising suspicion and the initial version was distributed via fake "Google Play Verificator” app to steal the only incoming and outgoing SMS data.’
The next version has been released with a set of new features and spreading via masquerading as a fake “Adobe Flash Player” app to target some of the social and utility apps such as Google Play, Facebook, WhatsApp, Chrome, Skype, Instagram, and Twitter.
The 3rd version of Ginp is launched to focus on Banking sectors, and the attackers mainly target the 24 apps belonging to 7 different Spanish banks: Caixa bank, Bankinter, Bankia, BBVA, EVO Banco, Kutxabank and Santander.
Once the malware landed into the device, as a first step, it removes the icon and seeks the victim for the Accessibility Service privilege. After it gets the permission, the Ginp itself grants some of the sensitive additional permission, such as send messages, and make calls, without requiring any further action from the victim.
Ginp targets various social media apps such as Facebook, WhatsApp, Skype, Twitter, Chrome, Instagram, Snapchat and implements the generic credit card grabber overlay screen to harvest the card number, CVV, Date etc.
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Paytm brings UPI Lite Wallet for low-value transactions
Paytm’s parent company One97 Communications (OCL) is emphasizing upon UP...
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
MICROTEK INTERNATIONAL PVT. LTD.
BHARAT ELECTRONICS LTD.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
TATA CONSULTANCY SERVICES
Technology Icons Of India 2023: Hari Om Rai
Hari Om Rai is the Co-founder, Chairman & Managing Director of Lava In...
Technology Icons Of India 2023: Debjani Ghosh
Debjani Ghosh is the first woman president of NASSCOM (the umbrella bo...
Technology Icons Of India 2023: Rajiv Memani
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
CSCs enabling rural India digitally empowered
Common service centres (CSCs) are digital access points under the Digi...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
TECH DATA, A TD SYNNEX COMPANY
Tech Data Corporation was an American multinational distribution compa...
WPG C&C COMPUTERS & PERIPHERALS PVT. LTD.
WPG C&C Computers & Peripherals (India) was incorporated in 2008 and ...
ADITYA INFOTECH LTD.
Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...