
Banking App Overlays At Heart Of Ginp Malware

Published: March 23, 2020 in our Security Fraud News & Alerts Newsletter.



Hold onto your bank accounts because new Android financial malware is running wild on mobile devices. It’s called Ginp, and it uses fake web page overlays to steal financial data. Without arousing suspicion, it takes payment card info, passwords, and more by placing a phony web page, an exact duplicate, over the true page. For most users, the swap is impossible to detect. Ginp is the latest financial malware strain that puts together a patchwork of effective banking Trojan components and improves them with laser precision. It’s a form of “credential phishing” attack that easily tricks users into handing over their personal and financial information in the blink of an eye.


Researchers who discovered Ginp not long ago found that it has been “in-the-wild” since earlier this summer. That means the virus has moved beyond the testing stage and has been attacking real-world devices for some time. Ginp’s success relies on a tried-and-true method of placing exact overlays on top of banking app pages. The malware shows users a message that the app has timed out and that personal, account, and verification credentials need to be entered again. Once the “required” data is provided, Ginp takes possession of all that sensitive data to do what it wants with it. It’s a messy situation: users download banking apps infected with Ginp malware and unknowingly give the apps permission to collect data and phish credentials.


Ginp malware was last delivered through a fake Adobe Flash update scam, but it is also a reminder that every app download should be approached with caution and common sense. “Sideloading” apps from unofficial software providers is a recipe for malware infection. Google Play Store puts apps through virus detection before making them available to the public, something unauthorized app providers don’t always do. Always check reviews for an app before downloading, as they often include problems and issues others have discovered. Also, pay close attention to the permissions an app asks for during download. Many apps ask for access to data they have no sensible need for. For example, would a banking app need to access your contacts? No, it doesn’t make any sense that it would need that access to function properly. Granting permission without being aware of what you’re agreeing to is always risky business, so say “no,” and if you find out you do need it, you can turn it on then.


Remember, there’s no shortage of malware out there waiting to be downloaded, so always vet an app before you commit.

