
A new and dangerous threat has emerged in the Android ecosystem, known as the ‘Daam’ virus. This malicious software has been wreaking havoc by infecting Android phones, compromising call records, and even tampering with passwords. The severity of this threat has prompted government authorities to issue a warning, urging users to take immediate action to protect their devices and personal information.
The Indian government, through its national cybersecurity agency, CERT-In (Indian Computer Emergency Response Team), has issued a crucial advisory warning the public about a dangerous malware known as ‘Daam.’ This malicious software specifically targets Android phones, posing a severe threat to users’ call records, contacts, browsing history, and even their device’s camera. It is imperative for Android users to be aware of this malware and take necessary precautions to protect their devices and personal information.
According to the advisory, the ‘Daam’ virus possesses the ability to evade detection by anti-virus programs and deploy ransomware on the infected devices. The malware spreads through an Android botnet, which is distributed via third-party websites or applications obtained from untrusted or unknown sources, as stated by the cybersecurity agency.
“Once it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc,” the advisory said.
Understanding the ‘Daam’ Malware:
The ‘Daam’ malware has gained significant attention due to its ability to infect Android phones and compromise various aspects of users’ digital lives. Once a device is infected, the malware gains unauthorized access to critical data, including call records, contacts, browsing history, and even the camera. This intrusion into personal information raises serious concerns about privacy, security, and the potential misuse of sensitive data.
‘DAAM’ CAN MODIFY PASSWORDS
The government advisory also said that the ‘Daam’ virus is capable of hacking phone call recordings and contacts, gaining access to the camera, and modifying device passwords. The virus can also take screenshots, steal SMSes, download and upload files, etc., and transmit them to the C2 (command-and-control) server from the victim’s device.
The malware, it said, utilises the AES (Advanced Encryption Standard) encryption algorithm to encrypt files on the victim’s device. As a result, other files get deleted from storage and only the encrypted files are left, with a “.enc” extension, along with a ransom note, “readme_now.txt”.
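The two file-system indicators named above (a “.enc” extension and a “readme_now.txt” note) can be checked on a copy of a device's storage. The following is an added example, not code from the advisory; the directory layout and file names in the sample tree are constructed, and treating a single indicator as "review" rather than "match" is an assumption made here because other software also uses the “.enc” extension.

```python
import os
import tempfile
from pathlib import Path

RANSOM_NOTE = "readme_now.txt"   # ransom note name given in the advisory
ENC_SUFFIX = ".enc"              # extension left on encrypted files

def scan_tree(root):
    """Return {relative_dir: details} for directories showing either indicator."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        names = [f.lower() for f in files]
        enc = [f for f in names if f.endswith(ENC_SUFFIX)]
        note = RANSOM_NOTE in names
        if not enc and not note:
            continue
        # Files that are neither encrypted nor the note: few or none suggests
        # the originals were deleted, as the advisory describes.
        others = len(names) - len(enc) - (1 if note else 0)
        # Note plus .enc files is the described pattern; one alone is weaker.
        verdict = "match" if (note and enc) else "review"
        rel = Path(os.path.relpath(dirpath, root)).as_posix()
        findings[rel] = {"note": note, "enc_files": len(enc),
                         "other_files": others, "verdict": verdict}
    return findings

def build_sample_tree(root):
    """Create a constructed sample storage tree for the demonstration."""
    layout = {
        "DCIM/Camera": ["IMG_0001.jpg.enc", "IMG_0002.jpg.enc", "readme_now.txt"],
        "Download": ["report.pdf", "backup.enc"],   # .enc alone: needs review
        "Music": ["track.mp3"],                     # clean directory
    }
    for directory, files in layout.items():
        path = Path(root) / directory
        path.mkdir(parents=True)
        for name in files:
            (path / name).write_bytes(b"constructed sample")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, info in sorted(scan_tree(build_sample_tree(tmp)).items()):
            print(rel, info)
```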
Call Record Exploitation:
One of the most alarming aspects of the ‘Daam’ virus is its ability to infiltrate and exploit call records. It gains unauthorized access to the phone’s call logs, including incoming, outgoing, and missed calls. This information can be used by cybercriminals for various malicious purposes, such as blackmail, identity theft, or selling the data on the dark web. The breach of such sensitive information raises serious concerns about individual privacy and the need for robust security measures.
Accessing Browsing History and Camera:
In addition to call records and contacts, the ‘Daam’ malware can infiltrate and extract browsing history and access the device’s camera. This intrusion raises significant privacy concerns, as cybercriminals can exploit personal browsing habits and even compromise individuals’ visual privacy. Such unauthorized access underscores the need for heightened vigilance and robust security measures.
The Role of CERT-In:
CERT-In, as the national cybersecurity agency, plays a crucial role in identifying and addressing emerging threats like the ‘Daam’ malware. In its advisory, CERT-In has highlighted the alarming capabilities of this malware, emphasizing the urgent need for Android users to take preventive measures. The agency serves as an authoritative source of information and guidance, providing the public with essential knowledge to protect their digital assets.
Protection Against ‘Daam’ Malware:
To safeguard against the ‘Daam’ malware and similar threats, Android users must take immediate preventive actions. It is crucial to install reliable antivirus software on devices, keep operating systems and applications up to date, and exercise caution when downloading apps or clicking on unfamiliar links. Regularly backing up important data and avoiding suspicious websites or downloads are also vital steps to minimize the risk of infection.
DO’S AND DON’TS TO AVOID SUCH ATTACKS
The advisory from the cybersecurity agency emphasized the importance of avoiding browsing untrusted websites and refraining from clicking on untrusted links. It further emphasized that no links, whether received via SMS or email, should be clicked. The advisory strongly recommended keeping antivirus software updated to ensure optimal protection against potential threats.
The advisory also advised users to remain vigilant and exercise caution when encountering suspicious numbers that do not resemble typical mobile phone numbers. Scammers often employ email-to-text services to mask their true phone numbers, making it challenging to identify their actual identity. By being aware of this tactic, users can better protect themselves against potential fraudulent activities.
It also asked users to exercise caution towards shortened URLs (uniform resource locators), such as those involving ‘bitly’ and ‘tinyurl’ hyperlinks like: “https://bit.ly/”, “bit.ly” and “tinyurl.com/”.
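The two checks the advisory describes for incoming messages, an unusual sender and a shortened link, can be applied together to SMS text. This is an added example, not part of the advisory; the sample messages are constructed, and the definition of a "typical" sender (a 10-digit Indian mobile number with an optional +91 or 0 prefix) is an assumption.

```python
import re
from urllib.parse import urlsplit

SHORTENER_HOSTS = {"bit.ly", "tinyurl.com"}   # the two services named in the advisory

# Assumption: a "typical" sender is a 10-digit Indian mobile number,
# optionally prefixed with +91, 91 or 0. Anything else is only a prompt to look closer.
MOBILE_RE = re.compile(r"^(?:\+?91|0)?[6-9]\d{9}$")

# Matches links with or without a scheme, since SMS links are often written bare.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s]*)?", re.I)

def shortener_links(text):
    """Return the links in text whose host is exactly a known shortener."""
    found = []
    for match in URL_RE.finditer(text):
        raw = match.group(0)
        url = raw if "://" in raw else "http://" + raw
        host = (urlsplit(url).hostname or "").lower()
        if host.startswith("www."):
            host = host[4:]
        # Exact host comparison: "bit.ly.example.net" is a different host.
        if host in SHORTENER_HOSTS:
            found.append(raw)
    return found

def triage(sender, text):
    """Return the reasons a message deserves caution (empty list if none)."""
    reasons = []
    if not MOBILE_RE.match(re.sub(r"[\s-]", "", sender)):
        reasons.append("sender is not a typical mobile number")
    links = shortener_links(text)
    if links:
        reasons.append("shortened URL: " + ", ".join(links))
    return reasons

if __name__ == "__main__":
    # Constructed sample messages.
    samples = [
        ("+91 98765 43210", "See you at 6pm"),
        ("57575701@sms.example", "KYC expired, update at bit.ly/xYz12"),
    ]
    for sender, text in samples:
        print(sender, "->", triage(sender, text) or "no flags")
```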