Coronavirus Finder

Coronavirus Finder is the primary part of a harmful tactic that is executed with the help of Ginp, a multi-functional Android banking Trojan that uses a wide range of techniques and tricks to get access to the funds of its victims. One of Ginp's newest abilities allows it to spawn a fake prompt, which tells the victim that they might be close to various persons infected with the Coronavirus, and they can pay a small fee (less than €1) to find out their exact identities and locations. The prompt, titled 'Coronavirus Finder,' then asks the victims to enter their credit card data to pay the small fee and unlock the information that can help them avoid contact with the infected people. However, all of the data entered in the fields will be transferred to Ginp's command and control server, and the attackers will have the ability to spend all the funds available on the credit card. Needless to say, the fake Coronavirus Finder will not show you any information about COVID-19 carriers.

Hackers have been using all trick kinds to exploit the popularity of the COVID-19 topic, but the Coronavirus Finder component of the Ginp Trojan is an innovative strategy, certainly. So far, the Coronavirus Finder has only been used by Ginp, and we are yet to see a website dedicated to this tactic – this means that if you see the Coronavirus Finder application on your phone, then it is very likely that the Ginp Trojan is running in the background

Since cybercriminals are relying on the COVID-19 topic for a wide range of tactics, malware, and fake applications, we advise you to be more careful when interacting with any software or content related to the pandemic. It also is recommended to stick to using software provided by legitimate sources and avoid downloading programs from shady websites and services. Last but not least, it is a good idea to invest in a regularly updated Android anti-malware application.