Researchers note that Sturnus can also inject text and remotely black out device screens, enabling attackers to conduct fraudulent transactions undetected.

Cybersecurity researchers have identified a new Android malware, dubbed Sturnus, that poses a significant threat to users’ banking credentials and end-to-end encrypted messaging apps, including WhatsApp, Telegram, and Signal.
According to ThreatFabric, the malware can compromise devices without breaching encryption codes, raising serious concerns about mobile security.
The malware, classified as an Android Banking Trojan, can replicate the login interfaces of legitimate banking apps, tricking users into entering their credentials. Once a victim logs in, attackers gain extensive remote access, allowing them to monitor user activity in real time.
Researchers note that Sturnus can also inject text and remotely black out device screens, enabling attackers to conduct fraudulent transactions undetected. By keeping the screen blank during these operations, users remain unaware of unauthorised transfers until after they are executed.
In addition to banking attacks, Sturnus can capture messages from apps like WhatsApp, Telegram, and Signal. The malware reads messages after decryption occurs on the device itself, circumventing the need to break encryption keys. This method allows attackers to monitor private communications, even on apps that claim end-to-end encryption.
Researchers report that Sturnus is currently targeting users in Southern and Central Europe. While the malware is still in its early stages, with only a few victims detected so far, cybersecurity experts warn that larger-scale attacks could follow as the malware is refined.
Google has not yet released a security patch addressing the vulnerabilities exploited by Sturnus, leaving Android users exposed to these sophisticated attacks. Users are advised to exercise caution, avoid clicking on suspicious links, and monitor banking apps for unusual activity.
Published: 26 Nov 2025, 02:20 pm IST
Related Topics
Get Latest Mathrubhumi Updates in English
Disclaimer: Kindly avoid objectionable, derogatory, unlawful and lewd comments, while responding to reports. Such comments are punishable under cyber laws. Please keep away from personal attacks. The opinions expressed here are the personal opinions of readers and not that of Mathrubhumi.

