New Ginp banking malware targets credit/debit card information via screen overlay
By MYBRANDBOOK
A new form of sophisticated Android banking malware named “Ginp” has been uncovered by researchers. It targets Android users via screen overlay attack to steal banking credentials, SMS & credit/debit card details to empty victims’ bank account.
The Ginp malware was initially spotted at the end of the October 2019; since then the malware is continuously under development, and 5 different versions of the Trojan have been released.
It is being studied that attackers are mainly interested in Spanish based bank users. They are also continuously releasing regular updates, and some evidence found the Gip malware copying code from infamous Anubis banking Trojan.
Ginp is using multiple step overlay to avoid raising suspicion and the initial version was distributed via fake "Google Play Verificator” app to steal the only incoming and outgoing SMS data.’
The next version has been released with a set of new features and spreading via masquerading as a fake “Adobe Flash Player” app to target some of the social and utility apps such as Google Play, Facebook, WhatsApp, Chrome, Skype, Instagram, and Twitter.
The 3rd version of Ginp is launched to focus on Banking sectors, and the attackers mainly target the 24 apps belonging to 7 different Spanish banks: Caixa bank, Bankinter, Bankia, BBVA, EVO Banco, Kutxabank and Santander.
Once the malware landed into the device, as a first step, it removes the icon and seeks the victim for the Accessibility Service privilege. After it gets the permission, the Ginp itself grants some of the sensitive additional permission, such as send messages, and make calls, without requiring any further action from the victim.
Ginp targets various social media apps such as Facebook, WhatsApp, Skype, Twitter, Chrome, Instagram, Snapchat and implements the generic credit card grabber overlay screen to harvest the card number, CVV, Date etc.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : RAJENDRA SINGH PAWAR
Rajendra Singh Pawar is the Executive Chairman and Co-Founder of NIIT ...
Icons Of India : Harsh Jain
Harsh Jain, the co-founder of Dream 11, the largest fantasy sports web...
Icons Of India : PRATIVA MOHAPATRA
Prativa is a transformational leader with an incredible breadth of exp...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
ITI - ITI Limited
ITI Limited is a leading provider of telecommunications equipment, sol...
EESL - Energy Efficiency Services Limited
EESL is uniquely positioned in India’s energy sector to address ener...
Indian Tech Talent Excelling The Tech World - NEAL MOHAN, CEO - Youtube
Neal Mohan, the CEO of YouTube, has a bold vision for the platform’s...
Indian Tech Talent Excelling The Tech World - Aneel Bhusri, CEO, Workday
Aneel Bhusri, Co-Founder and Executive Chair at Workday, has been a le...
Indian Tech Talent Excelling The Tech World - Sundar Pichai, CEO- Alphabet Inc.
Sundar Pichai, the CEO of Google and its parent company Alphabet Inc.,...