New Android Trojan Threatens Private WhatsApp & Signal Chats
Android Trojan Can Expose Private WhatsApp Chats

Millions of Britons using popular messaging apps on Android have been put on high alert following the discovery of a dangerous new malware threat capable of exposing their most confidential conversations.

What is the Sturnus Trojan?

Security researchers at MTI Security have identified a sophisticated piece of malware called Sturnus, a finding confirmed by the cybersecurity firm ThreatFabric. This Android banking trojan is privately operated and possesses a worrying range of capabilities.

Most alarmingly, Sturnus can bypass the end-to-end encryption used by messaging giants like WhatsApp, Telegram, and Signal. It does not break the encryption itself. Instead, it captures content directly from the device's screen after messages have been decrypted for the user to read, so the encryption offers no protection against this form of attack.

How Sturnus Takes Over Your Device

The trojan grants hackers near-total remote control over infected Android devices. This allows cybercriminals to observe all user activity in real time. A particularly sinister feature is its ability to black out the device screen while it executes fraudulent transactions in the background, leaving the victim completely unaware.

This full device takeover means attackers can not only read private sent and received messages but also steal sensitive banking credentials, login data, and other personal information through extensive keylogging and overlay attacks.

ThreatFabric stated, "Sturnus represents a sophisticated and comprehensive threat, implementing multiple attack vectors that provide attackers with near-complete control over infected devices." The firm further warned that the combination of these techniques creates a severe danger to both financial security and personal privacy.

Staying Protected from the Threat

While experts believe Sturnus is still in its early development stages and has not yet infected vast numbers of devices, its potential for harm is significant. If hackers find an effective distribution method, it could cause serious problems for millions of Android users globally.

The most effective defence is to be extremely cautious about what you install. Only download official apps from the Google Play Store, avoid sideloading software from unknown sources, and always check app reviews before installing anything new on your device.

This new warning serves as a crucial reminder that even services renowned for their security are not impervious to threats that target the device itself.