A new Android malware called ‘Daam’ has been identified by the Indian Computer Emergency Response Team (CERT-In) as capable of infecting mobile phones and hacking into sensitive data, including call records, contacts, history, and camera. The malware has the potential of bypassing anti-virus programs and deploying ransomware on targeted devices. The malware gets distributed through third-party websites or applications downloaded from untrusted/unknown sources.
Capabilities of Daam
The malware bypasses the device’s security check and attempts to steal sensitive data, read history and bookmarks, kill background processing, and read call logs. Daam can also hack phone call recordings, contacts, gain access to the camera, modify device passwords, capture screenshots, steal SMSes, and download/upload files. The malware uses the advanced encryption standard (AES) encryption algorithm to code files on the victim’s device. Other files get deleted from the local storage, leaving only the encrypted files with “.enc” extension and a ransom note that says “readme_now.txt.”
Preventive Measures Against Daam
To avoid being attacked by such viruses and malware, CERT-In suggests a few do’s and don’ts. The agency advises against browsing untrusted websites or clicking on untrusted links. Caution should be exercised while clicking on any link provided in unsolicited emails and SMSes. It is essential to install and maintain updated anti-virus and anti-spyware software.
Users should be on the lookout for suspicious numbers that don’t look like real mobile phone numbers. Scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number. Genuine SMS messages received from banks usually contain sender ID consisting of the bank’s short name instead of a phone number in the sender information field. Users are also advised to exercise caution towards shortened URLs involving ‘bitly’ and ‘tinyurl’ hyperlinks like: “http://bit.ly/” “nbit.ly” and “tinyurl.com/”.
To be safe, users should hover their cursors over the shortened URLs to see the full website domain they are visiting or use a URL checker that will allow the user to enter a short URL and view the full URL.
It is crucial to exercise caution while browsing the internet, downloading applications, and clicking on links. Staying vigilant and keeping anti-virus and anti-spyware software updated can go a long way in avoiding attacks by malware and viruses like Daam.
Leave a Reply