a new malware set off alarms among cybersecurity specialists: it is Sturnusa Trojan designed to attack Android devices and gain access to sensitive information, such as chat conversations. WhatsApppasswords, banking details and content stored on the phone. The threat was identified by digital analysis firms and reported by specialized media, which warn of its rapid spread.
Sturnus is a Trojan capable of stealing chats, passwords and banking details from Android devices./ Pixabay
How Sturnus operates and why it is a threat to WhatsApp
According to reports, Sturnus is infiltrated primarily through fake or modified applications that are distributed outside of Google Play. Once installed, it requests permissions that appear normal, but in reality allow it to record user activity, capture screens, and access messaging chats, including those on WhatsApp.
The Trojan works as advanced spyware, capable of operating in the background without raising suspicion. By gaining access to the system, it intercepts notifications, reads messages and extracts passwords stored on the device. It can also send the stolen information to remote servers controlled by the attackers, making the infection a risk for multiple platforms and services.
The malware is distributed through fake applications installed outside of Google Play./ Pixabay
In addition to capturing conversations, Sturnus can manipulate accessibility services, allowing it to record every key the user presses. This feature increases the threat in security applications mobile bankingsocial networks, emails and any service that requires login.
How is the Trojan distributed and how can it infect your Android?
Cybersecurity specialists point out that Sturnus uses security techniques social engineering to convince users to install fraudulent applications. These are usually presented as “premium” versions, optimization tools or apps that promise exclusive functions for WhatsApp, but in reality they are the vehicle to install malware.
Installing APK files from unknown sites is the main entry point for this Trojan. Once the user grants excessive permissions or fails to properly review app requests, Sturnus gains full access to the device.
Experts warn that Sturnus can read messages, log keys and operate in the background without being detected./ Pixabay
If a phone starts exhibiting strange behavior, such as heating up for no reason, excessive battery consumption, apps opening on their own, or unusual background activity, it could be an infection. In such cases, experts recommend using certified antivirus tools or resetting the device to remove the malware completely.
Although the threat remains active, prevention measures are clear: avoid external downloads, keep the system updated and carefully review the permissions of any application. Simple security reinforcements can prevent Sturnus from accessing private information and prevent greater risks.
Checking permissions and avoiding external APKs is key to avoiding infections by the Sturnus Trojan./ Pixabay
