• Latest
  • All
  • How To
Sturnus, the Mobile Banking Android Malware

New Android Banking Malware Can Read Your “Encrypted” Messages

November 25, 2025
Apple Drags OpenAI to Court Over Stolen Hardware Secrets

Apple Drags OpenAI to Court Over Stolen Hardware Secrets

July 13, 2026
High Court ruling: Safaricom 60% and DTB 40% Liable in KSh 4.42M SIM-swap Fraud Case

Kenyan Court Rules Safaricom, DTB Must Pay Customer KES 4.4M After SIM Swap Fraud

July 13, 2026
Period Tracker

Period Tracker: An App That Prioritizes Simplicity and Privacy

July 11, 2026
How to Block Muse Image From Downloading and Remixing Your Reels

Meta Halts Muse Image After Outcry Over Risks of AI-Generated Content

July 11, 2026
DHgate Tablet Cases deals
Biggest Taxpayers Remain a Small Group of Formal Businesses, KRA Data Shows

Biggest Taxpayers Remain a Small Group of Formal Businesses, KRA Data Shows

July 11, 2026
How to Block Muse Image From Downloading and Remixing Your Reels

Muse Image: How to Block Others From Generating AI Content Using Your Instagram Posts

July 11, 2026
African Game Studios Can Now Apply for Google’s New $1 Million Fund

Google Tightens Play Store Terms Around Data, Sharing, and Billing

July 10, 2026
IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

July 10, 2026
Emissions test

New Bill Would Force Kenyan Motorists to Test Vehicle Emissions Every Year

July 9, 2026
SpaceXAI Grok 4.5

Elon Musk Rebrands xAI as SpaceXAI and Launches Grok 4.5

July 9, 2026
KOKO Networks Puts Its Ethanol Empire Up For Sale

KOKO Networks Puts Its Ethanol Empire Up For Sale

July 8, 2026
Betting

New Betting Rules Let Families Request Gambling Bans for Loved Ones

July 8, 2026
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

New Android Banking Malware Can Read Your “Encrypted” Messages

Caleb Sama by Caleb Sama
November 25, 2025
in Features
Reading Time: 4 mins read
320
0
Sturnus, the Mobile Banking Android Malware

Security researchers at MTI have discovered Sturnus, a nasty piece of Android malware that’s currently being tested in Central and Southern Europe. What makes it so dangerous is how it defeats one of our most trusted security features: encrypted messaging apps.

The Trojan doesn’t try to break encryption – that would be nearly impossible. Instead, it simply waits until your phone decrypts messages for you to read, then captures them straight from your screen.

WhatsApp, Telegram, Signal – none of them can protect you once Sturnus is installed, because the malware is essentially reading over your shoulder after the legitimate app has already done the decryption work.

Targeted Messaging Apps
Targeted Messaging Apps

Sturnus is a full-featured banking trojan built for large-scale fraud. It creates fake login screens that mimic legitimate banking apps to steal credentials, and it can take complete remote control of infected devices.

The really sinister part is its ability to black out your screen while conducting fraudulent transactions in the background, leaving victims completely unaware that anything is happening.

.

The malware operates through a sophisticated command-and-control system using both WebSocket and HTTP channels. After initial registration, it establishes encrypted communication using a combination of RSA and AES encryption.

ThreatFabric researchers named it Sturnus after the European starling (Sturnus vulgaris), whose rapid, chaotic chatter reminded them of the malware’s unpredictable switching between simple and complex message patterns.

Sturnus uses Android’s Accessibility Service, a feature designed to help users with disabilities, as its primary weapon. By monitoring accessibility events, it can log everything typed on the device, track which apps are open, and reconstruct complete user activity even when traditional screen capture is blocked.

When victims open messaging apps, the malware automatically activates detailed UI monitoring, capturing contacts, conversation threads, and message content as it appears on screen.

The remote control capabilities are remarkably advanced. Attackers can view the victim’s screen in real time through two different capture methods that work across various Android versions.

Beyond just watching, they can click anywhere, inject text, scroll through apps, and grant permissions, all without physically touching the device.

A parallel control system transmits structured descriptions of every interface element, allowing attackers to operate efficiently even on slow connections without triggering the visual indicators that normally appear during screen recording.

Sturnus also makes itself extremely difficult to remove by obtaining Android Device Administrator privileges. Once granted, the malware monitors for any attempts to access the settings page where these privileges can be revoked, then automatically navigates away to interrupt the user. Standard uninstallation is blocked until these administrator rights are manually disabled.

Sturnus Major Capabilities
Sturnus Major Capabilities

The malware maintains awareness of its environment through extensive monitoring of system states, connectivity changes, battery levels, installed apps, and security settings. It checks for signs of forensic analysis or emulator environments, adjusting its behavior to avoid detection.

This information helps attackers assess risk and adapt their tactics based on the specific device and situation.

Current evidence suggests Sturnus is still in development or limited testing, with intermittent campaigns rather than widespread deployment. However, it’s already fully functional and configured with overlay templates targeting financial institutions across its focus regions.

The fact that researchers found it in this early stage is fortunate, as it provides an opportunity for detection mechanisms to be developed before a major campaign launches.

End-to-end encryption only protects your messages in transit. Once malware controls your device, it can access anything you can see on your screen. The weakest link isn’t the encryption algorithm but rather the endpoint itself.

For now, the best protection remains the basics: only install apps from trusted sources, never grant Accessibility Service permissions to apps that don’t actually need them, and be immediately suspicious if any app requests Device Administrator access.

Tags: AndroidCybersecurityEncryptionMalwareSignalTelegramTrojanWhatsApp
SendShare178Tweet111
Caleb Sama

Caleb Sama

Chief Editor. Pineapple on Pizza is absolutely great and let no one convince you otherwise. Pop in at: [email protected] to get in touch with me.

Related Posts

African Game Studios Can Now Apply for Google’s New $1 Million Fund

Google Tightens Play Store Terms Around Data, Sharing, and Billing

July 10, 2026
Muse Image

Meta Launches Muse Image, Its First In-House AI Image Generator

July 8, 2026
AI

Kenya’s AI Policy, As the Government Sees It

July 7, 2026
WhatsApp Introduces Usernames and Username Key to Keep Phone Numbers Private

WhatsApp Starts Username Reservations Ahead of the Feature Rollout Later This Year

July 11, 2026
No Extension This Year, KRA Warns on Late Tax Filing

No Extension This Year, KRA Warns on Late Tax Filing

June 27, 2026
WhatsApp

WhatsApp Now Warns You Before You Open a Chat With a Stranger

June 26, 2026

Latest

Apple Drags OpenAI to Court Over Stolen Hardware Secrets

Apple Drags OpenAI to Court Over Stolen Hardware Secrets

July 13, 2026
High Court ruling: Safaricom 60% and DTB 40% Liable in KSh 4.42M SIM-swap Fraud Case

Kenyan Court Rules Safaricom, DTB Must Pay Customer KES 4.4M After SIM Swap Fraud

July 13, 2026
Period Tracker

Period Tracker: An App That Prioritizes Simplicity and Privacy

July 11, 2026
How to Block Muse Image From Downloading and Remixing Your Reels

Meta Halts Muse Image After Outcry Over Risks of AI-Generated Content

July 11, 2026
Biggest Taxpayers Remain a Small Group of Formal Businesses, KRA Data Shows

Biggest Taxpayers Remain a Small Group of Formal Businesses, KRA Data Shows

July 11, 2026
How to Block Muse Image From Downloading and Remixing Your Reels

Muse Image: How to Block Others From Generating AI Content Using Your Instagram Posts

July 11, 2026

Best devices

Best Infinix Phones of 2025

Best Infinix Phones of 2025: Budget Prices With Premium Features

December 31, 2025

The Best Infinix Accessories Worth Buying in 2025

November 26, 2025

Best Budget Wireless Earbuds To Buy in Kenya (2025)

October 8, 2025

Samsung Galaxy A36 5G vs Samsung Galaxy A56 5G: Comparison Review

August 29, 2025

Infinix Hot 60 Pro+ vs Infinix Hot 60i: Comparison Review

August 22, 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Techweez is where tomorrow’s tech stories break today, thanks to intelligent analysis, real-world insight, and visionary storytelling.

Follow Us

Editorials

Period Tracker: An App That Prioritizes Simplicity and Privacy

Inside Bumble, the Dating App Where Women Call the Shots

Locket: Photo Sharing App With No Feed, No Likes, and No Algorithms

Couple Joy: A Long-Distance Dating App That Builds Intimacy in Small Daily Acts

Airbuds: The App That Turns Your Music Into a Social Feed

Kenya Might Need to Crack Down on Wealth Porn Like China

More News

Google Tightens Play Store Terms Around Data, Sharing, and Billing

IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

New Bill Would Force Kenyan Motorists to Test Vehicle Emissions Every Year

Elon Musk Rebrands xAI as SpaceXAI and Launches Grok 4.5

KOKO Networks Puts Its Ethanol Empire Up For Sale

New Betting Rules Let Families Request Gambling Bans for Loved Ones

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.