New Sturnus Trojan Steals Data from WhatsApp: How to Protect Your Smartphone.

According to ТСН: Experts have discovered a new Sturnus Trojan for Android that uses accessibility features to gain control over the device and is capable of reading even encrypted chats in WhatsApp and Telegram.

Trojan Software Description

The cybersecurity company MTI Security reported the emergence of malware named Sturnus. This Trojan operates on Android devices and utilizes legitimate accessibility capabilities for full control over the smartphone.

Experts note that the virus spreads exclusively through the installation of APK files from unverified sources, bypassing the official Google Play store. Once installed, Sturnus becomes a “spy,” tracking the smartphone interface in real-time and reading encrypted messages in WhatsApp, Telegram, and Signal. It also intercepts key presses, allowing it to steal passwords while they are being entered.

Danger and Hiding Methods

The serious danger of Sturnus lies in its ability to spoof. The Trojan can create fake login screens overlaying genuine banking applications, prompting users to enter their credentials.

The malware can disguise itself as Android updates or popular system applications, such as a fake version of the Chrome browser, allowing it to stealthily gain administrative rights on devices.

Moreover, the virus can track attempts to unlock the device and view passwords, giving attackers insight into how to avoid deleting the malware even through ADB.

How to Secure Your Device

To date, most cases of Sturnus Trojan infections have been recorded in Southern and Central Europe. Analysts believe these attacks could be testing grounds before a wider deployment. Although the spreading mechanism is still being established, experts warn that the primary protection is a categorical refusal to install APK files from unverified sources.

Google representatives have confirmed that no infected programs were found in the official Google Play. Users with an active Google Play Protect system are protected from known versions of Sturnus.

It is worth noting that most Android smartphones have a convenient "quick settings" panel – simply swipe down from the top of the screen. It gathers essential parameters. Learn which of them should be turned off to make the battery last longer and the phone work faster.

This news serves as a reminder of the importance of vigilance when using mobile devices and the necessity of adhering to basic security rules. Given the activity of cybercriminals, users should carefully verify software sources and avoid unverified APK files. Universal security measures can significantly reduce the risks of falling victim to such malicious programs as Sturnus.