The Android banking trojan Sturnus now threatens more than financial data, exfiltrating chat messages from encrypted apps like Signal, WhatsApp, and Telegram. Its advanced capabilities include remote device control, file access, keyboard logging, and interception of two-factor codes, expanding risk beyond just bank accounts to sensitive business and client information.
IT leaders and managed service providers must reinforce mobile security with robust patch management, strict app permissions, user education, and mobile threat defence solutions, even in small businesses. Sturnus highlights the urgent need to protect not only financial assets but also business communications, with breaches risking both reputation and regulatory compliance. Vigilance and proactive defence are vital.
Sturnus Android Trojan: Beyond Banking – Now Exfiltrating Encrypted Chat Messages
