Updated:03/27/2020 02: 21h
Cyber criminals have been using the coronavirus. Over the past few months, cybersecurity companies have warned about how they take advantage of it in various ways. From malicious websites disguised as pages offering information about the pandemic, to cyber-scams asking for donations to fight the disease.
Now, the cybersecurity company Kaspersky has warned about the effect that the computer virus is having in Spain Ginp. A Trojan that attackers camouflage as the app Coronavirus Finder. An «app», designed for Android devices, which -apparently- shows the user the nearby people who are infected. Nevertheless, his real goal is to steal the victim’s bank details.
“Ginp” malware “was first detected last fall. Initially, it had the typical skills of banking Trojans: it sent all the victim’s contacts to their creators, intercepted text messages, stole bank card data, and covered banking applications with “phishing” windows. The latter was done by taking advantage of the Accessibility functions, a set of Android functions for visually impaired users, ”Kaspersky sources explain to this newspaper.
The company points out, in turn, that, since its appearance, malware has evolved. Until reaching the current moment, in which you are being used especially in the campaign related to the Covid-19. Ginp allows attackers to generate new attacks targeting all victims whose phones are infected. Thus, when Ginp receives a specific command, it opens a page called Coronavirus Finder with a simple interface that shows the number of people infected with coronavirus around you and that urges you to pay a small sum (€ 0.75) to see the location. of said people ”, affirm the same sources.
Likewise, from Kaspersky they point out that the fact that the amount requested is not very high causes many users to fall into the trap: “Since the amount is very small, many victims do not think twice. Then the website invites you to enter your bank card details to complete the transaction. Once you enter all your credit card details, they go directly to criminals … and then nothing happens. They will not even charge you this small amount (for what ?, if they already have the funds from your card at their disposal). And, of course, they do not show you any information about people infected with coronavirus near you, since they do not have it ”.
Until now, the vast majority of the victims of this campaign – 83% – are residents of Spain. However, from the cybersecurity firm they point out that it will not be long before incidents in other countries begin to grow.