A new threat named Sturnus has been identified by security experts at Threat Fabric, posing a risk to Android users running messaging apps like WhatsApp, Telegram, and Signal. This Trojan, initially detected by MTI Security researchers, enables hackers to take remote control of devices, allowing them to monitor user activities, intercept messages, and execute unauthorized transactions.
Sturnus has the ability to bypass encrypted messaging platforms, capturing decrypted content from the device screen to monitor communications. While currently in the early stages of development with limited infections, the potential impact on Android users could be significant if hackers find ways to widely distribute the malware.
According to Threat Fabric, Sturnus is a sophisticated threat that grants attackers extensive control over compromised devices, including credential theft, keylogging, screen streaming, and device administrator manipulation. To mitigate risks, users are advised to only download apps from the official Google Play Store, avoid sideloading software, and review app ratings before installation.
Although Sturnus is a nascent threat, its capabilities are concerning and highlight the importance of device security and cautious app installation practices.