Coronavirus Finder Description
Coronavirus Finder is the name of the key part of a harmful campaign that is carried out via a banking Trojan called Ginp. The Ginp banking Trojan targets Android users' finances.
Among the most recently added features of the Ginp banking Trojan is a bogus prompt that informs the targeted users that they have been in close proximity with several individuals who are known to be infected with the Coronavirus. The prompt asks the user to pay a small fee, less than one Euro, which will allow them to view the locations, as well as identities of the individuals in question. The name of the prompt is Coronavirus Finder, and it requests the payment to be made via the user's credit card. Of course, this means that the users will be required to fill in their banking information, which will then be transferred to the C&C (Command & Control) server of the attackers. The banking data collected from the user will allow the attackers to gain access to the funds available on the credit card of the victim. On top of that, the bogus prompt will not offer users any legitimate information regarding COVID-19, as this is nothing more than an elaborate tactic.
Countless cyber crooks from all around the world have been using the COVID-19 pandemic to generate revenue, spread malware, distribute tactics, etc. Since the method used by the Ginp Trojan is rather innovative, we are likely to see it in future campaigns. If you came across the Coronavirus Finder prompt on your Android device, your system has likely been infiltrated by the Ginp banking Trojan. It is advisable to scan your Android device with a reputable anti-virus application as soon as possible. Be very careful when interacting with Coronavirus-themed software and content. As we mentioned, cybercriminals are using COVID-19 to trick users, and you do not want to fall victim to a Coronavirus-themed con.