In a recent development, the Central government has issued a warning regarding a malicious software known as ‘Daam,’ which poses a significant threat to Android phones. The advisory, issued by the Indian Computer Emergency Response Team (CERT-In), the national cybersecurity agency, emphasizes that this malware has the ability to infiltrate various aspects of a user’s device, including call records, contacts, browsing history, and even the camera. According to the advisory, the ‘Daam’ virus possesses the capability to bypass antivirus programs and execute ransomware attacks on targeted devices. The malware predominantly spreads through third-party websites or applications obtained from untrustworthy or unfamiliar sources, as highlighted by the agency.
Once the ‘Daam’ virus successfully gains access to an Android phone, it circumvents the device’s security measures. Subsequently, it proceeds to compromise sensitive data such as call records and history. The advisory also points out that this malware can manipulate phone call recordings, access contact lists, tamper with device passwords, capture screenshots, pilfer SMS messages, and engage in file downloading and uploading activities. The stolen information is then transmitted to a command-and-control (C2) server from the victim’s device.
Furthermore, the ‘Daam’ malware utilizes the advanced encryption standard (AES) algorithm to encrypt files on the infected device. As a consequence, other files are deleted from storage, leaving only the encrypted files, which bear the “.enc” extension, along with a ransom note named “readme_now.txt.” This advisory serves as a cautionary measure, urging users to remain vigilant while downloading applications or visiting websites from untrusted sources. Implementing robust cybersecurity practices and refraining from accessing unknown links can help mitigate the risks posed by this malware and other similar threats.