Ginp was first recognized by Kaspersky labs in 2019 and was found to have all the capabilities of a standard Android banking trojan. Since a new version has surfaced, a new capability has been added as well. The trojan is now able to place fake text messages directly in the inbox of a regular SMS app. The operators of Ginp make the messages appear like they are coming from a trusted vendor to alert the victim of blocked account access or account changes. In order to fix the issue, the user is requested to open the app that is having the problem. When that is done, Ginp will overlay the app’s window and ask for credit or debit account credentials. If this is done, the victim would have given their credentials to the criminals. “Ginp is simple, but efficient—and effective. And the rate at which it evolves and acquires new capabilities is concerning. While this attack has so far only been seen in Spain, based on our previous experience, this Trojan could begin to emerge in other countries as well; Android users need to be on alert,” stated Alexander Eremin from Kaspersky.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in