‘Daam’, a malware that affects Android devices: All you need to know

The Indian Computer Emergency Response Team (CERT-IN) has issued an advisory regarding ‘Daam,’ which it says is an Android malware that is ‘capable of stealing sensitive data, bypassing antivirus programs, and deploying ransomware on the targeted devices.’

How does ‘Daam’ affect a device?

According to CERT-IN, the central nodal agency that responds to computer security-related incidents, Daam communicates with various Android APK files to access a phone. Being distributed through third-party websites, it encrypts files in the phone through the AES encryption algorithm.

Following this, files get deleted from the local storage; only the ones encrypted are left behind, and with ‘.enc’ extension and ‘readme_now.txt,’ a ransom note.

In what ways can ‘Daam’ affect a device?

The malware, as per the agency, is capable of hacking call recordings and contacts; gaining access to the camera, modifying passwords, capturing screenshots, stealing SMS, downloading/uploading files, and more.

How to stay away from ‘Daam’?

CERT-IN gave the following recommendations to keep a device safe from Daam:

(1.) Download only from official app stores to reduce the risk of potentially harmful apps.

(2.) Always review app details, user reviews before downloading it; also, grant only those permissions that are relevant to the purpose of the app.

(3.) Install Android updates as and when available, and only from Android device vendors.

(4.) Do not browse un-trusted websites or follow un-trusted links.

(5.) Install and maintain updated anti-virus and antispyware software.

(6.) Be vigilant if you see mobile numbers that don’t look like genuine/regular mobile numbers.

(7.) Do not just click on a link provided in a message; do extensive research first.

(8.) Click only those URLs that clearly indicate the website domain; exercise caution towards shortened URLs,…