The Indian Computer Emergency Response Team (CERT-In) has recently discovered a dangerous Android malware called “Daam.” This malware has the capability to bypass phone security measures and gain unauthorised access to sensitive data, manipulate device settings, and remotely control the infected smartphone.
According to CERT-In, Daam malware primarily spreads through infected Android APK files, often downloaded from untrusted sources such as third-party websites or applications.
Once installed, Daam malware gains various permissions, including access to browsing history, call logs, recordings, contacts, and the camera, and the ability to alter device passwords. It can also steal SMS messages, capture screenshots, and download/upload files, all while transmitting the stolen data to a command-and-control server operated by the attackers.
To further complicate matters, Daam malware encrypts files on the victim’s device using the AES encryption algorithm. This results in the deletion of other files, leaving only the encrypted files marked with a “.enc” extension. Victims are also confronted with a ransom note titled “readme_now.txt,” intensifying the impact and fear caused by this malware.
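The file indicators described above can be checked on a copy of a device's storage. The following triage sketch is an added example, not code from CERT-In; the function names, the verdict heuristic, case-insensitive matching, and the assumption that storage has already been copied to a local directory are all illustrative.

```python
import os
import tempfile

NOTE_NAME = "readme_now.txt"   # ransom note title reported for Daam
ENC_SUFFIX = ".enc"            # extension reported on encrypted files

# Constructed sample tree standing in for a copy of device storage.
SAMPLE = ("readme_now.txt", "DCIM/photo1.jpg.enc", "DCIM/photo2.jpg.enc",
          "Documents/notes.txt", "Documents/notes.txt.enc")

def triage(root):
    """Walk a storage copy and report Daam-style file indicators."""
    notes, enc_files, orphaned = [], [], []
    for dirpath, _dirs, files in os.walk(root):
        names = {f.lower() for f in files}
        for f in files:
            path, low = os.path.join(dirpath, f), f.lower()
            if low == NOTE_NAME:
                notes.append(path)
            elif low.endswith(ENC_SUFFIX) and len(low) > len(ENC_SUFFIX):
                enc_files.append(path)
                # An .enc file whose original is gone matches the
                # "other files are deleted" behaviour in the report.
                if low[:-len(ENC_SUFFIX)] not in names:
                    orphaned.append(path)
    # Heuristic (assumption): note plus orphaned .enc files is a strong
    # signal; either one alone can be legitimate and only merits review.
    if notes and orphaned:
        verdict = "likely"
    elif notes or orphaned:
        verdict = "review"
    else:
        verdict = "clean"
    return {"verdict": verdict, "notes": notes,
            "enc_files": enc_files, "orphaned": orphaned}

def demo(files=SAMPLE):
    """Build the constructed tree in a temp dir and summarise the triage."""
    with tempfile.TemporaryDirectory() as root:
        for rel in files:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        r = triage(root)
        return (r["verdict"], len(r["notes"]),
                len(r["enc_files"]), len(r["orphaned"]))

if __name__ == "__main__":
    print(demo())
```

A "review" verdict needs a human look, since other software also produces `.enc` files.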
To mitigate the risks associated with Daam malware, it is recommended to only download apps from official sources like the device manufacturer or operating system app store. Before installing any app, users should thoroughly review its details, user reviews, and comments, paying close attention to the “ADDITIONAL INFORMATION” section.
Users must carefully verify app permissions and grant only those relevant to the app’s intended functionality. It is strongly advised to disable the installation of apps from “Untrusted Sources” to prevent the infiltration of malicious software.