Bank Apps With Trojan Virus – WARNING

A dangerous Trojan Virus ‘Ginp’ has been planted in the Apps of seven Spanish banks – the Android Version.

The Apps affected are those from Caixabank, Bankinter, Bankia, BBVA, EVO Banco, Kutxabank y Santander.

How does it work?

When you open the app, instead of the regular start page, you will get a superimposed ‘phishing page’, but very similar in appearance, asking you for your inlog details, card details and security code as well.
The details of course do not go to your bank, but to thieves instead.

What can happen?

They can use your card, or arrange for transfers from your bank account. When the SMS with confirmation code from the bank is received by your phone, the Ginp virus will make sure it gets sent on to the thieves.

How do I know?

When the bank app is launched, the effect of the appearance of the malicious screen is similar to when it is passed from one application to another on Android mobiles. “If you look then in the list of apps that you have open you see an unnamed one like the most recent one, open after the one in the bank,” an expert explains. This type of attack is called overlay. It consists of getting on top of the banking app through an Android permit. Google has made it increasingly difficult to achieve, but it still happens.

What do I do?

Take the App off your phone and contact your bank soonest to check on whether you´d need to cancel your bank cards.

How did the App get ‘infected’ with the virus?

There are two basic paths. First, through a link. In the case of Ginp, the main wave has been through spam with an SMS link. The Trojan then hijacks the contact list and forwards the link to other users. A researcher at Kaspersky, who was the first to publish the existence of Ginp, gave an example of one of those SMS messages, with a supposed update of Android 10.

Another way in which this Trojan is distributed is with ads on the web in which a pop-up pops up asking to install “Adobe Flash Player” on the mobile. Flash has not been used in mobile phones for years, but it is an often found feature of the web that has remained in our memory and is effective as a hook. And obviously instead of Flash there is malicious code. Another usual danger that does not seem to have occurred in this case is through a Trojan application on Google Play. They can be flashlights, horoscopes, battery utilities or phone cleaning.

Once inside, the app has instructions to delete its icon, to hide and not appear with a logo. But it keeps running while waiting for the user to start a bank application.

Please note: The information provided is based upon our understanding of current legislation. It is not legal advice but is provided freely to enable you to be properly informed. We recommend that if you are considering taking action, you should seek professional advice.

How Can Citizens Advice Bureau Spain Benefit You?

As an expatriate living in Spain; do you find that the Spanish bureaucratic system can be disconcerting? Have you discovered that the simplest of transactions are difficult to conclude? Find yourself searching for answers to problems only to discover that there is nowhere where you could find a solution? I am assuming that the answer is yes and that is why should be a member of our web site if you arent already.
citizens advice spain


We use our own and third-party cookies to prepare statistical information through the analysis of your browsing, in accordance with our cookies policy. If you continue browsing, you accept its use.
view CAB cookie policy

Utilizamos cookies propias y de terceros para elaborar información estadística y mostrarte publicidad personalizada a través del análisis de tu navegación, conforme nuestra política de cookies. Si continúas navegando, aceptas su uso.
ver política de cookies de CAB

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.