A new threat named Sturnus has been identified by cybersecurity experts at Threat Fabric, posing a risk to Android users of WhatsApp, Telegram, and Signal. The Trojan was initially discovered by MTI Security researchers and can grant hackers remote access to devices, allowing them to monitor user activities, intercept messages, and capture sensitive information such as banking credentials.
Sturnus has the capability to bypass encrypted messaging platforms like WhatsApp, Telegram, and Signal, enabling cybercriminals to extract information directly from the device screen after decryption. While the malware is still in its early stages of development and hasn’t affected a large number of devices yet, users are advised to remain vigilant.
According to Threat Fabric, Sturnus is a sophisticated threat that can facilitate credential theft, message monitoring, keylogging, screen streaming, remote control, and device administrator abuse. To mitigate the risk of infection, users are encouraged to only download apps from the official Google Play Store, avoid sideloading software, and verify app reviews before installation.
Despite its novelty, Sturnus poses significant security and privacy concerns, emphasizing the importance of taking proactive measures to safeguard personal information and devices from potential cyber threats.