A new security threat named Sturnus has been identified by cybersecurity experts at Threat Fabric, posing a risk to users of WhatsApp, Telegram, and Signal on Android devices. This Trojan allows hackers to take control of devices remotely, enabling them to monitor user activities, including reading private messages and capturing sensitive information like banking credentials.
Sturnus, initially discovered by MTI Security researchers, is designed to bypass encrypted messaging services, posing a significant threat to user privacy and financial security. Although the malware is currently in its early stages and hasn’t affected a large number of devices, users are advised to remain vigilant.
According to Threat Fabric, Sturnus is a sophisticated threat that grants attackers extensive control over infected devices, including credential theft, message monitoring, keylogging, screen streaming, remote control, and device administrator abuse. To mitigate the risk of such threats, users are encouraged to download apps only from the official Google Play Store, avoid sideloading software, and carefully review app ratings before installation.
While Sturnus is a relatively new threat, its capabilities highlight the importance of maintaining device security and exercising caution when installing apps to prevent potential cyberattacks.