A new threat is proving that even “end-to-end encryption” isn’t a silver bullet for total privacy. Security researchers have uncovered a sophisticated Android banking trojan, dubbed Sturnus, that is capable of capturing private conversations on apps like WhatsApp, Telegram, and Signal.
Discovered by Dutch cybersecurity firm ThreatFabric, Sturnus appears to be in its pre-deployment phase, but is already fully functional. It is configured with templates to target major banks across Southern and Central Europe, signaling preparation for a far wider and more coordinated global operation.
Sturnus functions as an advanced banking trojan that gives attackers near-total remote control of an infected Android device. While apps like Signal or WhatsApp protect data in transit, the trojan is designed to monitor everything displayed on your phone’s screen in real time. It simply waits for the messages to be decrypted and shown by the app. It then captures full message threads and contacts right from the display. The very moment you read a message, the attacker can too.
The malware uses highly convincing full-screen overlays to capture banking credentials. It can even execute financial transactions while displaying a black full-screen overlay on your device, hiding the activity from you completely.
When a single piece of malicious code can gain this level of control, the answer to the question, “What could possibly go wrong?” is simply: Everything!
Written by Clement Saudu
 | PIVX: Your Rights. Your Privacy. Your Choice |