Government’s cyber security agency warns Android users about new malware

Cert-In said that 'Daam' malware can hack phone call recordings, contacts, camera, modifying device passwords, capturing screenshots and more.

Technology
By Sunita 0
Daam malware
Photo: IANS

The Indian Computer Emergency Response Team (Cert-In) has issued a warning against a new Android malware called ‘Daam’. According to Cert-In, the Daam malware spreads through third party apps or websites and can hack your Android mobile phones and steal sensitive data like call records, contacts, history etc.

Moreover, the malware is capable of “bypassing anti-virus programs and deploying ransomware on the targeted devices, stated the latest advisory by the national cyber security agency.

What is Dam malware and how does it spread

The Android malware reportedly spreads through third-party websites or apps that have been downloaded from untrusted/unknown sources. After the infected app is installed on the phone , the malware tries to bypass the security check of the device and after a successful attempt, it steals sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc.

Cert-In said that ‘Daam’ is capable of hacking phone call recordings, contacts, gaining access to the camera, modifying device passwords, capturing screenshots, stealing SMSes, and downloading/uploading files, among others.

Furthermore, it transmits data to the command-and-control server from the victim’s device. The malware uses the advanced encryption standard (AES) encryption algorithm to code files in the victim’s device. After that it deletes files on the victim’s device from the local storage. Only the encrypted files with “.enc” extension along with a ransom note that says “readme_now.txt are left.

How to safeguard your Android device from Daam malware

Do not click on malicious-looking links:

You can prevent your android device from being affected by the Daam malware by taking some precautions like not browsing “un-trusted websites” or clicking on “un-trusted links”. Cert-In advised that users should refrain from clicking on any link provided in unsolicited emails and SMSes.

You should also remain alert while clicking on the shortened URLs, such as those involving ‘bitly’ and ‘tinyurl’ hyperlinks. First, check the full website domain which your are visiting by hovering the cursors over the shortened URLs.

Look for suspicious numbers:

Cybercriminals often use suspicious numbers to hack into your device so be alert when you receive texts or emails from numbers that don’t look like “real mobile phone numbers.” Scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number.

“Genuine SMS messages received from banks usually contain sender ID (consisting of bank’s short name) instead of a phone number in the sender information field,” it said.
Android device users are also advised to install and/ or update their antivirus and anti-spyware software.

Also Read: New Malware Alert! Nearly 90 Lakh Android Devices Infected With Guerilla Malware

 
Kalinga TV is now on WhatsApp. Join today to get latest Updates
 
Sunita 5521 news 10 comments

Hi I am Sunita and i work as a copy editor in KalingaTV.com. I write articles on varied segments including Tech and Automobile. Also I am passionate towards writing State and news stories.

You might also like More from author
Leave A Reply

Your email address will not be published.