Anyone using WhatsApp, Telegram, or Signal on an Android phone, such as Samsung's Galaxy range or a Google Pixel device, should be on high alert. A newly discovered bug, dubbed Sturnus, could soon put millions at risk, and those infected face a number of worrying issues, including private chats being read and stolen.
Security analysts at ThreatFabric have just confirmed the new threat with the team saying, "This malware supports a broad range of fraud-related capabilities, including full device takeover. It creates a dangerous threat to victims' financial security and privacy."
First identified by MTI Security researchers, this alarming new Trojan is fully capable of granting hackers full remote control once a device becomes infected.
With that access, attackers can watch everything a user does on the display. They can even black out the phone's screen while carrying out fraudulent actions in the background - that means the user has no idea anything is going on.
Crooks who carry out the attack can read incoming and outgoing messages, swipe banking details, and steal login credentials.
According to ThreatFabric, "The trojan can harvest banking credentials through convincing fake login screens that replicate legitimate banking apps. In addition, it provides attackers with extensive remote control, enabling them to observe all user activity, inject text without physical interaction, and even black out the device screen while executing fraudulent transactions in the background-without the victim's knowledge.
"By capturing content directly from the device screen after decryption, Sturnus can monitor communications via WhatsApp, Telegram, and Signal."
Right now, Sturnus still appears to be in its early stages and hasn't spread across the globe, but that's no reason to relax. If attackers figure out an efficient way to distribute it, the impact on Android users could be massive.
The safest move? Stick to apps from the official Google Play Store, avoid sideloading software, and read app reviews before installing anything new.
It's always worth seeing if the developer of an application has a good reputation and never add an app if it's been sent on a link or via social media.
Sturnus may be new, but its capabilities are already raising serious red flags.
