New Android Banking Trojan "Sturnus" Targets Encrypted Communications
2025-11-27
Author: Editor

Security experts have uncovered a sophisticated new Android banking trojan, dubbed "Sturnus," that can circumvent end-to-end encryption and steal data from widely used communication platforms including Signal, WhatsApp, and Telegram. The malware spreads via APK files disguised as system-level applications and abuses Android system permissions to gain extensive control over compromised devices.

Running stealthily in the background, Sturnus can monitor the screen and mimic user actions. Using screen-reading technology, the trojan intercepts and captures communication content in its unencrypted form. When communicating with its command-and-control servers, it uses a dual-layered encryption approach to make its traffic harder to spot. Together, these capabilities let attackers carry out sensitive operations covertly, such as unauthorized fund transfers, while masking their tracks.

To mitigate the risk, security agencies advise users to download apps only from reputable sources, to treat unknown APK files with caution, and to be judicious when granting accessibility permissions. As of now, no instances of this trojan have been detected in major app stores, and the inherent system protections provide a basic level of defense.