Android users who utilize WhatsApp, Telegram, or Signal are advised to be vigilant as a newly identified bug named Sturnus poses a threat to these widely used platforms. The discovery of this Trojan was recently announced by Threat Fabric, raising concerns about potential unauthorized access to private conversations by cybercriminals.
The Sturnus malware, initially detected by MTI Security researchers, enables hackers to remotely take control of devices, allowing them to monitor user activities, obscure the screen during fraudulent transactions, and intercept messages along with sensitive login information.
According to Threat Fabric, Sturnus is a sophisticated Android banking trojan that can circumvent encryption on messaging apps like WhatsApp, Telegram, and Signal, giving cyber attackers the ability to monitor communications discreetly.
Although Sturnus is currently believed to be in the early stages of deployment and hasn’t affected a large number of devices yet, users are advised to remain cautious. If hackers manage to distribute the malware widely, it could potentially impact millions of Android users.
Threat Fabric highlighted the significant threat posed by Sturnus, emphasizing its various attack capabilities such as credential theft, message monitoring, keylogging, real-time screen streaming, remote control, and device administrator manipulation, which collectively endanger victims’ financial security and privacy.
To safeguard against such threats, users are encouraged to only download apps from the official Google Play Store, avoid sideloading software, and review app ratings before installation.
While Sturnus is a relatively new threat, its advanced features underscore the importance of staying vigilant against potential cyber risks.