Researchers have identified “Sturnus,” a new, sophisticated Android banking trojan. This malware is capable of stealing credentials, bypassing encrypted messaging apps to capture communications, and granting attackers full remote control over the infected device to conduct financial fraud.
Business Impact
Sturnus represents a severe threat to mobile banking and corporate BYOD environments. Its ability to bypass encryption and control devices remotely makes it highly effective at stealing MFA codes and authorizing fraudulent transactions without the user’s knowledge.
Why It Happened
The malware abuses Android’s Accessibility Services to read screen content and perform clicks on behalf of the attacker. It is likely distributed via malicious apps that are sideloaded or disguised as legitimate utilities.
Recommended Executive Action
Reinforce mobile security policies. Prohibit the installation of apps from unknown sources (sideloading) on corporate devices. Deploy Mobile Threat Defense (MTD) solutions capable of detecting abuse of Accessibility Services.
