Banking App Overlays At Heart Of Ginp Malware
Published: March 23, 2020 in our Security Fraud News & Alerts Newsletter.
Hold onto your bank accounts, because new Android financial malware is running wild on mobile devices. It’s called Ginp, and it uses fake web page overlays to steal financial data. Without arousing suspicion, it takes payment card info, passwords, and more by placing a phony web page, an exact duplicate, over the true page. For most users, it’s impossible to detect. Ginp is the latest financial malware strain that puts together a patchwork of effective banking Trojan components and improves them with laser precision. It’s a form of “credential phishing” attack that easily tricks users into handing over their personal and financial information in the blink of an eye.
Ginp was discovered not long ago, and researchers found it has been “in-the-wild” since earlier this summer. That means the malware has moved beyond the testing stage and has been attacking real-world devices for some time. Ginp’s success relies on a tried-and-true method of placing exact overlays on top of banking app pages. The malware shows users a message that the app has timed out and that personal, account, and verification credentials need to be entered again. Once the “required” data is provided, Ginp takes possession of all that sensitive data to do what it wants with it. It’s a messy situation in which users download banking apps infected with Ginp malware and unknowingly give the apps permission to collect data and phish credentials.
Ginp malware was last delivered through a fake Adobe Flash update scam, but it is also a reminder that every app download should be approached with caution and common sense. “Sideloading” apps from unofficial software providers is a recipe for malware infection. Google Play Store puts apps through virus detection before making them available to the public, something unauthorized app providers don’t always do. Always check the reviews for an app before downloading, as they often mention problems and issues others have discovered. Also, pay close attention to the permissions an app asks for during download. Many apps ask for access to data they have no need for, where it doesn’t make sense that the app would need it. For example, would a banking app need to access your contacts? No, it doesn’t make any sense that it would need that access to function properly. Granting permission without being aware of what you’re agreeing to is always risky business, so say “no,” and if you find out you do need it, you can turn it on then.
Remember, there’s no shortage of malware out there waiting to be downloaded, so always vet an app before you commit.