Cyber Security Sturnus: Android A new cyber threat is rapidly emerging for users. security firm ThreatFabric Has issued a warning that a dangerous banking trojan Sturnus has emerged, which WhatsApp, Signal And Telegram It can also bypass the end-to-end encryption of secure messaging apps. According to researchers, this malware is still in the testing stage, but its capabilities are so advanced that it is considered more lethal than existing banking tropes.
Europe’s financial institutions are already on target
ThreatFabric’s research shows that Sturnus has already been configured to target several financial institutions in Southern and Central Europe. This clearly indicates that preparations are underway to spread it on a large scale. Its communication system is so complex that it constantly switches between simple and complex messaging protocols. It is named after the European bird Sturnus vulgaris, which is known for its irregular vocal patterns.
How does Sturnus attack?
This Trojan does not directly break end-to-end encryption, but rather abuses Android’s Accessibility Services. When the phone decrypts your messages, Sturnus immediately reads them from the screen. That means both your sent and received messages, contact list and entire chat becomes accessible to it. According to researchers, as soon as the user opens WhatsApp, Signal or Telegram, this Trojan immediately scans the UI-tree of the app and starts monitoring live chats. Additionally, it tries to install itself on the device by disguising itself as trusted apps like Google Chrome or Preemix Box.
How does your money disappear?
The main objective of Sturnus is to commit financial fraud. It steals bank data in two ways:
1. Fake login screen
This shows a fake screen on top of your real banking app. The user thinks he is logging into his bank, but his username and password are passed directly to the hacker.
2. Black Screen Attack
When hackers want to remotely control the device, this Trojan puts a black overlay on the screen. The phone appears to be switched off, but at the same time hackers make transactions in the background and withdraw money.
Does not allow itself to be removed, monitors every step
Sturnus is extremely clever. It takes device administrator access so that no one can uninstall it. It constantly monitors battery, network and sensor activity to determine whether it is being tracked by security researchers. If the user tries to turn off its permissions, it automatically closes the settings by clicking the back button. Researchers have warned that this Trojan uses many advanced techniques to remain active in the device for a long time and keeps itself safe by keeping an eye on every situation.
-
Genetic factors responsible for mouth cancer! Do not ignore these symptoms in the body
-
Why does thyroid increase? Know its main reasons and easy prevention measures
-
Attention These are 6 myths related to AIDS, if you also do not believe in them, change your thinking.
-
Account will not work without SIM card
-
Want glowing skin? Black Mask is going viral these days, know how effective it really is
