Operators of the Android banking trojan Ginp are sending the malware a special command that opens a webpage called Coronavirus Finder. The page claims that 12 people infected with the new coronavirus are in the vicinity of the victim and promises to show their location for 0.75 EUR. The purpose is to make victims provide payment card data in the hope of learning how close they are to infected individuals. It’s a particularly heinous campaign because it targets users in Spain, a country that’s been hit hard by the virus.
Source: https://www.bleepingcomputer.com/news/security/ginp-mobile-banker-targets-spain-with-coronavirus-finder-lure/