You may want to think twice if your team uses WhatsApp for work communication. Here’s why 👇
Security researchers are warning of malware known as Sturnus, which targets Android devices.
And most people don't realise just how powerful its capabilities really are.
It can read encrypted messages from WhatsApp, Signal and Telegram in real time, without needing to ‘break’ the encryption.
It does this by waiting for the message to appear on the screen, then captures it.
Sturnus is a powerful trojan more often seen in banking exploits, as it gives attackers full control of an infected Android device.
It usually gets onto a device through fake system updates or apps posing as something else (like Chrome).
Once installed, it can:
- Read everything on the screen
- Capture typed text, contact names, and messages
- Use fake overlay screens to capture bank details
- Monitor app activity
- Take remote control through a live session
- Approve MFA prompts, tap buttons, transfer money
- Use fake system update screens to hide malicious actions
- Block your ability to uninstall it
Sturnus isn’t widespread yet, but its architecture is designed for scalability, meaning it could be widely adopted quite quickly.
Here’s the part that really matters to businesses:
📌 If you have malware on your device, end-to-end encryption won’t protect you
📌 Consumer messaging apps were never designed for sensitive business information
📌 Every app (including WhatsApp) is compromised if the phone is
Businesses should remind all staff that apps like WhatsApp, Telegram and Signal should not be used for business communications.
Dedicated apps like Microsoft Teams and business email allow for tighter access controls and admin oversight. Also offering more compliance options and secure device management.
WhatsApp doesn’t.
Sturnus could introduce serious risk to a business if some of the team mix personal apps with business communication for the sake of convenience.
🤔 Do you think your staff still use WhatsApp for business chat?
Leave a comment!