GNP, the famous banking Trojan that can place fake messages inside SMS applications, has begun using new methods in which it can take advantage of the epidemic affecting the whole world.


The Trojan horse GNP, which was developed to access users ' bank accounts, appeared again along with coronavirus. Uploaded to the person's phone, Ginp opens the web page titled "Coronavirus Finder" with the command he receives. This web page is claimed to show the location of people affected by the virus, and those who want to know the location of people who carry the virus are asked for 0.75 euros. When the person accepts this, they are referred to the payment page. Once payment information is entered, no amount is withdrawn from the person and the location of the people carrying the virus is not shown. That way, the credit card information gets into the hands of cybercriminals.

While the targets of the ginp Trojan have been Spanish users before, the name put in the latest version signals that it will target different countries.

Alexander Eremin, Kaspersky security expert, said: “cyber criminals have been trying to capitalise on the current crisis for months with phishing attacks and coronavirus-themed malware. But it is the first time we have witnessed a banking Trojan horse being used to exploit this epidemic. This development is alarming because GNP is a very effective Trojan horse. We advise Android users to be much more careful during this period. Automatic pop-up windows, unknown web pages and random messages about coronavirus need to be treated with suspicion." said.

Experts ' recommendations on the risks posed by GNP and other banking Trojans include::

• Just download the app from official Android stores.

• Do not share important information, such as personal passwords or credit card information, or click on suspicious links.

• Set up a secure security solution to protect your phone from threats such as banking Trojans.