Sturnus: New Android Banking Trojan Targets WhatsApp, Telegram, Signal

The Android trojan Sturnus targets secure messaging apps like WhatsApp, Telegram, and Signal. It has full device-takeover abilities, bypasses encrypted messaging by capturing on-screen content, and can steal banking credentials. The malware is still under development but already targets financial institutions, signaling preparation for a broader campaign. It uses HTML overlays and accessibility-based keylogging to steal data and enables full remote control of infected devices.