A new security threat named Sturnus is now a concern for users of WhatsApp, Telegram, and Signal on Android devices. Discovered by MTI Security researchers and confirmed by Threat Fabric, this Trojan allows hackers to take remote control of devices, potentially exposing private chats and enabling fraudulent transactions. Sturnus can intercept messages, steal banking details, and bypass encrypted messaging services like WhatsApp, Telegram, and Signal.
Although Sturnus is currently not widespread, it poses a significant risk if hackers find ways to distribute it to a larger audience. This sophisticated malware offers attackers extensive control over infected devices, including overlay-based credential theft, keylogging, real-time screen streaming, and device administrator abuse, jeopardizing victims’ financial security and privacy.
To protect against such threats, users are advised to download apps only from the official Google Play Store, avoid sideloading software, and check app reviews before installation. While Sturnus is a new threat, its advanced capabilities highlight the importance of remaining vigilant and cautious with device security practices.