‘Daam’, a malware that affects Android devices: All you need to know

[ad_1]

The Indian Computer Emergency Response Team (CERT-IN) has issued an advisory regarding ‘Daam,’ which it says is an Android malware that is ‘capable of stealing sensitive data, bypassing antivirus programs, and deploying ransomware on the targeted devices.’

FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel//File Photo

How does ‘Daam’ affect a device?

According to CERT-IN, the central nodal agency that responds to computer security-related incidents, Daam communicates with various Android APK files to access a phone. Being distributed through third-party websites, it encrypts files in the phone through the AES encryption algorithm.

Following this, files get deleted from the local storage; only the ones encrypted are left behind, and with ‘.enc’ extension and ‘readme_now.txt,’ a ransom note.

In what ways can ‘Daam’ affect a device?

The malware, as per the agency, is capable of hacking call recordings and contacts; gaining access to the camera, modifying passwords, capturing screenshots, stealing SMS, downloading/uploading files, and more.

How to stay away from ‘Daam’?

CERT-IN gave the following recommendations to keep a device safe from Daam:

(1.) Download only from official app stores to reduce the risk of potentially harmful apps.

(2.) Always review app details, user reviews before downloading it; also, grant only those permissions that are relevant to the purpose of the app.

(3.) Install Android updates as and when available, and only from Android device vendors.

(4.) Do not browse un-trusted websites or follow un-trusted links.

(5.) Install and maintain updated anti-virus and antispyware software.

(6.) Be vigilant if you see mobile numbers that don’t look like genuine/regular mobile numbers.

(7.) Do not just click on a link provided in a message; do extensive research first.

(8.) Click only those URLs that clearly indicate the website domain; exercise caution towards shortened URLs, primarily those involving bit.ly and tinyurl.

(9.) Use safe browsing tools, filtering tools in antivirus, firewall, and filtering services.

(10.) Before giving any sensitive information, look out for valid encryption certificates by checking for the green lock in a browser’s address bar.

(11.) In case there is an ‘unusual’ activity in a user’s bank account, the same must be reported immediately to the concerned bank.