Android Trojan Steals Bank Logins—Even From Encrypted Chats
Part of composite article Federal Probe into Minnesota Pandemic Food Aid Fraud Expands View full article →
A new and dangerous malware is targeting Android users. Named "Sturnus," it acts as a banking trojan designed to steal your money and spy on your private conversations.
The malware tricks users into installing it by pretending to be a legitimate app. Once installed, it can steal login credentials for banking and other sensitive accounts.
Sturnus has advanced spying features. It can read your messages, even those sent through encrypted services like WhatsApp or Telegram. It does this by using a device's accessibility features to capture everything on the screen.
The trojan also gives attackers remote control over an infected phone. This allows them to secretly approve fraudulent bank transactions, bypassing security measures.
Experts warn users to only download apps from official stores like Google Play. Be cautious of apps requesting unnecessary permissions, especially "accessibility services" that are not related to the app's core function.