Last updated: November 25th, 2025 at 18:49 UTC+01:00
Large scale attacks may be on the horizon.
Google and its device partners like Samsung have taken considerable steps to ensure the security of their software and hardware. Despite the efforts, threat vectors are becoming increasingly sophisticated.
A new Android malware has been identified that can steal sensitive information from banking apps and capture messages from popular encrypted messaging apps like WhatsApp without the user ever finding out.
ThreatFabric reports that a privately operated Android banking trojan called Sturnus has been identified by MTI Security researchers. It's a highly potent threat that's capable of full device takeover.
It can even bypass encrypted messaging by capturing content from the device's screen after the messages are decrypted by apps like WhatsApp, Telegram, and Signal. The trojan isn't trying to break the encryption; it simply records what the app displays once the messages have been decrypted.
This malware can even steal login credentials for banking apps by displaying fake but very convincing login screens. You'll enter the credentials on what appears to be the login screen of your banking app but in reality those credentials would be sent straight to the attackers.
The analysis has also revealed that this malware provides significant remote control capabilities to the attackers. They can observe all user activity, push text to the device, and also black out the device screen as they execute fraudulent transactions in the background.
Sturnus hasn't been deployed at scale yet. The report mentions that the malware appears to be in a development or limited testing phase, with targeted attacks being carried out across Southern and Central Europe. This may suggest the groundwork is being laid for a wider attack.
Given that Sturnus has been identified, it's likely that Google is already looking to shore up Android's defenses. To protect yourself, follow best data security practices and enable two-factor authentication wherever possible.
Adnan Farooqui is a long-term writer at SamMobile. Based in Pakistan, his interests include technology, finance, Swiss watches and Formula 1. His tendency to write long posts betrays his inclination to being a man of few words.