Android Devices Vulnerable to New ‘Sturnus’ Malware That Attacks Bank Apps, Bypass E2E Encryption: Report

Sturnus, an Android banking trojan, was reportedly spotted by MTI Security researchers.

Advertisement
Written by Dhruv Raghav, Edited by Rohan Pal | Updated: 26 November 2025 11:04 IST
Highlights
  • Sturnus can read a user’s chats without breaking encryption
  • Sturnus is identified to be a private Android Trojan malware
  • The malware can black out a user’s screen

Researchers warn Android users of wider, large scale Sturnus attacks

Photo Credit: Unsplash/ Desola Lanre-Ologun

Android devices are vulnerable to a newly-found malware, dubbed Sturnus, which can access a user's banking credentials, according to a report citing cybersecurity researchers. It is also said to be capable of reading a user's end-to-end encrypted chats on various instant messaging services, like WhatsApp, Telegram, and Signal, without breaching the encryption code. Termed as an Android Banking Trojan, the malware is primarily targeting users in Southern and Central European countries, the report added. However, Google has yet to release a new security patch that would fix the vulnerabilities being leveraged by the trojan.

Sturnus Can Create a Fake Login Page to Access a User's Banking Credentials

ThreatFabric, a publication that focuses on cyberattacks and software vulnerabilities, reports that MTI Security researchers have identified a new Android Banking Trojan, called Sturnus. The malware is capable of replicating the login pages of various banking apps on a user's phone, compelling them to log in to steal their banking credentials. Moreover, it grants “extensive remote” access to the attackers, which allows them to “observe all user activity”.

Advertisement

Sturnus also enables the bad actors to “inject” text without being in physical contact with the Android device. They can also remotely black out the screens of devices to “execute fraudulent transactions in the background”. By making the screen blank, a user does not get to know about said transactions till the money has actually been transferred to an account.

Another concerning factor is that Sturnus can give attackers access to a user's end-to-end encrypted messages. The malware does not need a key to decrypt codes, as it can read the messages after they have been decrypted by capturing the screen of an Android device. It can reportedly “monitor communications” done through WhatsApp, Telegram, and Signal. All three apps provide end-to-end encryption, claiming that even they can't access a user's messages.

Advertisement

The report added that Sturnus' makers are primarily targeting victims in Southern and Central European countries. The researchers believe that the Android Banking Trojan is still in its early stages, and the attackers could still be evaluating and tuning the malware, as only a “few” victims have been spotted so far. The bad actors are reportedly conducting “short, intermittent” attack campaigns. However, the researchers warn that there could be large scale and widespread attacks soon.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement
Popular Mobile Brands
  1. OTT Releases This Week: Peddi, Ikka, Balti, Dose, The Westies, and More
  2. Call of Duty: Black Ops and Black Ops 2 Ports Released on PS4 and PS5
  3. Apple Reviews iPhone 17 Demand as Costs Rise Due to Memory Shortage: Report
  4. Sony IER-M500 In-Ear Monitors Launched With 5mm Driver, Hi-Res Audio
  1. Tecno Camon 50 Ultra 5G India Launch Date Announced; Colourways and Amazon Availability Confirmed
  2. Apple Reportedly Reviews iPhone 17 Demand as Costs Rise Amid Ongoing Memory Shortage
  3. Interpol Traces $122 Million Crypto Wallet Connected to Romance Scam Network
  4. Hong Kong's Securities and Futures Commission Tightens Anti-Phishing Standards for Crypto Platforms
  5. Itel Zeno 100 Pro India Launch Date Announced as Company Teases Zeno 100 Lite Arrival, Key Features
  6. Sony RX10 V Compact Camera Launched With 20.1-Megapixel Sensor, 4K 120fps Video Recording and 25x Optical Zoom
  7. Motorola Edge 70 Max India Launch Date Announced; Design, Key Features Revealed
  8. Asus Vivobook 14, Vivobook 15 Refreshed With Intel Core Series 3 Processors: Price, Availability
  9. Call of Duty: Black Ops and Black Ops 2 Ports Released on PS4 and PS5
  10. Samsung Galaxy Z Fold 8, Z Fold 8 Ultra Prices Surface Ahead of Unpacked Launch Event
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.