The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has spotted a new Android malware named “Daam.” Once on a device, this malware can bypass the phone's security checks to steal sensitive data, access critical permissions, access call logs, modify device passwords and more. In short, Daam is capable of remotely controlling the smartphone once it reaches the device.
The report from CERT-In states that the Daam malware spreads primarily through Android APK files, infecting devices when these are downloaded from untrusted or unknown sources, often third-party websites or applications.
Among its alarming capabilities, Daam can read browsing history and bookmarks, terminate background processes, access call logs, call recordings, contacts and the camera, alter device passwords, capture screenshots, steal SMS messages, and even download and upload files. The stolen data is then transmitted to a command-and-control (C2) server controlled by the attackers.
Daam employs the AES encryption algorithm to encrypt files stored on the victim’s device. The other files are then deleted, leaving only the encrypted files, which carry a distinct “.enc” extension. A ransom note titled “readme_now.txt” is also left behind, adding to the distress of those affected by this malware.
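A triage sketch for the file artefacts described above, added here as an example and not taken from CERT-In or the original article. It assumes device storage has already been copied to a local directory; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

RANSOM_NOTE = "readme_now.txt"  # ransom note name reported for Daam
ENC_SUFFIX = ".enc"             # extension reported for encrypted files

def triage(root):
    """Walk a copy of device storage and rate each directory for Daam artefacts."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        names = set(files)
        enc = sorted(f for f in files if f.lower().endswith(ENC_SUFFIX))
        # An .enc file whose un-suffixed sibling is gone matches the reported
        # behaviour: files are encrypted and the other copies deleted.
        orphaned = [f for f in enc if f[:-len(ENC_SUFFIX)] not in names]
        has_note = any(f.lower() == RANSOM_NOTE for f in files)
        if not has_note and not orphaned:
            continue
        # ".enc" alone is a common extension, so only the note together with
        # orphaned .enc files is rated "high"; one signal alone is "review".
        level = "high" if has_note and orphaned else "review"
        findings.append({
            "dir": os.path.relpath(dirpath, root),
            "level": level,
            "note": has_note,
            "orphaned_enc": orphaned,
        })
    # Highest-confidence directories first, then alphabetical.
    return sorted(findings, key=lambda f: (f["level"] != "high", f["dir"]))

def build_sample(root):
    """Create a constructed sample tree (not real device data)."""
    layout = {
        "DCIM": ["IMG_0001.jpg.enc", "IMG_0002.jpg.enc", "readme_now.txt"],
        "Download": ["backup.zip", "backup.zip.enc"],  # plaintext still present
        "Documents": ["notes.txt.enc"],                # orphaned, but no note
        "Music": ["song.mp3"],
    }
    for folder, files in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in files:
            open(os.path.join(root, folder, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for f in triage(tmp):
            print(f["level"], f["dir"], f["orphaned_enc"])
```
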
To reduce the risks associated with this widespread Android malware, the government recommends several key measures, including limiting app downloads to official sources such as the device manufacturer's or operating system's app store.
Before installing any app, users should carefully review the app details, user reviews, and comments, paying special attention to the “ADDITIONAL INFORMATION” section.
It is crucial to verify app permissions and grant only those that are relevant to the app’s usage. Disabling the option to install side-loaded apps from “Untrusted Sources” is also advised.
Users should promptly install Android updates and patches provided by their device vendors.