A dangerous new Android malware has been discovered. Security researchers have identified a sophisticated banking trojan named “Sturnus.” This malware can steal sensitive financial data and capture messages from encrypted apps.

The threat was first detailed by researchers at ThreatFabric. According to their report, the malware is currently active in targeted attacks across Europe. Its capabilities represent a significant escalation in mobile security threats.

Sophisticated Attack Methods Pose Serious Risk

Sturnus employs several advanced techniques. It uses overlay attacks to steal banking credentials. Fake login screens are displayed over legitimate banking apps.

This method tricks users into entering their details. The information is then sent directly to the attackers. The malware also enables full remote control of the infected device.

Attackers can observe all user activity in real-time. They can push text to the device and even black out the screen. This allows them to perform fraudulent transactions secretly.

Encrypted Messaging Apps Are Not Safe

The malware bypasses encryption on popular messaging apps. It does not break the encryption itself. Instead, it captures content directly from the screen after decryption.

This affects apps like WhatsApp, Telegram, and Signal. Users believe their conversations are secure. The malware simply records what is displayed.

This approach is both simple and highly effective. It highlights a fundamental vulnerability in how we perceive digital security. The device itself becomes the weakest link.

The malware is not yet widely distributed. It appears to be in a testing or development phase. Targeted attacks are focusing on Southern and Central Europe.

Security experts warn this could be a prelude to a larger campaign. The discovery allows defensive measures to be developed. Google and device manufacturers are likely already investigating patches.

This new Android banking trojan demonstrates the evolving nature of mobile threats. Users must remain vigilant about the apps they install and the links they click. The Sturnus malware serves as a stark reminder that our most personal data is constantly under attack.

Info at your fingertips

How can I protect my device from this malware?

Avoid installing apps from unofficial sources. Keep your device’s operating system updated. Use a reputable mobile security application for added protection.

Which Android versions are affected by this threat?

The malware does not target a specific Android version. The risk applies to any device that installs a malicious application containing the Sturnus trojan.

Can this malware be removed once installed?

Yes, it can typically be removed with a security scan and factory reset. However, the immediate priority is to contact your bank if you suspect an infection to secure your accounts.

What makes this malware different from others?

Its ability to bypass encrypted messaging by screen recording is a key differentiator. The level of remote control it grants attackers is also considered highly advanced and dangerous.

Has Google been notified about this threat?

Yes, the security researchers who identified the threat have shared their findings. It is standard practice to inform the platform owner so they can develop security patches.

Trusted Sources

ThreatFabric, MTI Security

iNews covers the latest and most impactful stories across entertainment, business, sports, politics, and technology, from AI breakthroughs to major global developments. Stay updated with the trends shaping our world. For news tips, editorial feedback, or professional inquiries, please email us at [email protected].

Get the latest news and Breaking News first by following us on Google News, Twitter, Facebook, Telegram , and subscribe to our YouTube channel.