The Indian Computer Emergency Response Team (CERT-IN) has recently issued an advisory alerting user about a dangerous Android malware called ‘Daam.’ This sophisticated malware has the potential to cause significant harm to your device and compromise your sensitive data. Understanding the intricacies of this malware is crucial for safeguarding your Android device and personal information.
How Does ‘Daam’ Impact Your Device?
According to CERT-IN, ‘Daam’ utilizes various Android APK files to gain unauthorized access to a user’s device. The malware often spreads through third-party websites and disguises itself as legitimate applications. Once installed, ‘Daam’ employs advanced techniques to encrypt files stored on the device using the AES encryption algorithm.
As a result, the malware renders the original files inaccessible and replaces them with encrypted versions, identifiable by the ‘.enc’ extension. In addition, a ransom note named ‘readme_now.txt’ may appear, demanding payment for decryption.
The Wide-Ranging Effects of ‘Daam’
‘Daam’ is a highly versatile and malicious malware that poses numerous risks to the user’s privacy and security. CERT-IN has identified several harmful capabilities associated with this malware, including:
Call Recording and Contact Hacking:
‘Daam’ can gain unauthorized access to call recordings and contact lists, potentially compromising sensitive information.
Unauthorized Camera Access:
The malware can take control of the device’s camera, allowing it to capture images or videos without the user’s knowledge or consent.
Password Modification:
‘Daam’ has the ability to modify passwords stored on the device, potentially granting the attacker access to personal accounts and sensitive data.
Screenshot Capturing:
The malware can discreetly capture screenshots of the device’s display, potentially exposing sensitive information.
SMS Theft:
‘Daam’ can intercept and steal SMS messages, including one-time passwords (OTPs) or other confidential information.
File Downloading/Uploading:
The malware can initiate unauthorized file transfers, download malicious content onto the device or upload sensitive files to remote servers controlled by the attacker.
Protecting Your Device from ‘Daam’
To safeguard your device from the ‘Daam’ malware, CERT-IN provides the following comprehensive recommendations:
Download apps exclusively from official app stores, such as Google Play Store to minimize the risk of installing potentially harmful applications.
Conduct thorough research before downloading any app, reviewing details and user reviews to ensure its legitimacy and safety. Only grant app permissions that are relevant to the app’s intended functionality.
Regularly install Android updates from trusted sources, including official Android device vendors, as these updates often include essential security patches.
Exercise caution while browsing the internet and avoid visiting untrusted websites. Refrain from clicking on suspicious links or pop-up ads that may redirect you to malicious sources.
Install and maintain up-to-date antivirus and antispyware software on your device. Regularly scan your device for malware and promptly remove any detected threats.
Be vigilant when encountering mobile numbers that appear suspicious or unconventional. Avoid responding to or engaging with unsolicited calls or messages.
Refrain from clicking on links provided in messages or emails without verifying their authenticity. Avoid visiting unfamiliar websites or clicking on URLs with shortened links, especially those using services like bit.ly and TinyURL.
Utilize safe browsing tools, enable filtering options in antivirus software, and consider using firewall protection and filtering services for additional security layers.
Always verify the presence of a valid encryption certificate, typically indicated by a green lock symbol in the browser’s address bar, before entering sensitive information on websites.
If you notice any unusual activities or unauthorized transactions in your bank account, report them immediately to the respective bank for further investigation and assistance.
By following these comprehensive preventive measures, users can fortify their devices against the ‘Daam’ malware and significantly reduce the risk of falling victim to its malicious intentions. Stay vigilant, prioritize the security of your Android device, and protect your valuable personal data.
