Hadlee Simons / Android Authority
TL;DR A malware, called “Sturus,” has emerged, and it exploits Android’s accessibility features to spread on your phone even without you noticing.
It gains access to your Android after being installed via an APK file, and then monitors your phone’s interface, chats, and even button presses.
It then recreates fake banking app UIs to steal your banking data, and places restrictions that prevent it from being uninstalled.
If you think it’s admissible to download APKs from seemingly harmless nooks on the internet, there’s a new pressing reason for you to reconsider that thought. That’s because a new breed of malware has emerged that can snoop on your protected chats and target any banking services you use on your Android devices — and it originates from malicious APKs.
Researchers at MTI Security have identified a new Android trojanware called Sturnus that can bypass security measures, such as chat encryption, and surveil messages from popular messaging apps, including WhatsApp, Telegram, and Signal. It doesn’t do so by breaking into the chat encryption, but rather by seizing high-level access to the contents of the screen, thereby gaining visibility of your chats.
ThreatFabric
It can also recreate banking screens, using HTML overlays, with high accuracy to phish your login credentials and launch device-level attacks, allowing cybercriminals to take control of your device remotely. It can also create fake Android update overlays to hide malicious activity.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
... continue reading