Emergent Android banking Trojan shows app overlay attacks are still effective
Researchers are tracking an Android Trojan that’s been rapidly improving over the past several months. It uses overlay attacks to steal login credentials and payment card details from users of banking and other applications.
Dubbed Ginp, the Trojan was first spotted in October 2019, but has been in the wild since at least June, according to researchers from Dutch cybersecurity company ThreatFabric. During the past five months, the malware has received numerous improvements, including some features borrowed from an older commercial banking Trojan called Anubis.