A newly identified Android malware known as Sturnus has raised fresh concerns for smartphone users worldwide, including those in Pakistan. Security analysts warn that although the malware is currently active in parts of Europe, its advanced capabilities suggest a high likelihood of wider, global deployment, putting millions of Android users, particularly Samsung Galaxy owners, at potential risk.

According to a detailed assessment by MTI Security and ThreatFabric, Sturnus is a sophisticated banking trojan designed to gain full control of an infected device. Once installed, it can steal sensitive information by displaying highly convincing fake login screens for banking applications. Any credentials entered by the user are instantly transmitted to the attackers.

Researchers say the malware’s threat extends beyond financial data. Instead of attempting to break encryption on messaging apps such as WhatsApp, Telegram, and Signal, Sturnus simply captures on-screen content after messages are decrypted on the device. This allows the trojan to sidestep the apps’ encryption entirely rather than defeat it, giving attackers access to private conversations without alerting the user.

The analysis further reveals that Sturnus enables extensive remote control capabilities, allowing attackers to monitor activity on the device, issue commands, and even black out the screen while fraudulent transactions or actions are carried out in the background. This makes the malware particularly dangerous for users who rely on mobile banking and digital wallets.

While large-scale attacks have not yet been reported, researchers believe the malware is in a development or controlled testing phase, with early activity concentrated across Southern and Central Europe. This pattern, they warn, often precedes broader, more aggressive campaigns.

Cybersecurity experts in Pakistan say the threat should not be taken lightly. With the country’s growing reliance on mobile banking services, including apps from local banks as well as platforms like JazzCash and Easypaisa, a malware strain capable of hijacking devices could have serious financial implications. Pakistan’s sizeable Android user base, dominated by Samsung phones, only heightens the concern.

While Google is expected to reinforce Android’s security framework, specialists emphasize that users must remain vigilant. They advise avoiding unofficial app downloads, regularly reviewing app permissions, updating devices promptly, and enabling two-factor authentication across all financial platforms.

As mobile banking adoption accelerates in Pakistan, cybersecurity analysts stress that public awareness and responsible digital hygiene remain the first line of defense against evolving malware threats like Sturnus.
