What is Daam Malware?

May 29, 2023

The Central government recently issued an advisory warning individuals about a dangerous malware known as ‘Daam’ that specifically targets Android phones. This advisory highlights the severity of the threat and provides crucial information on how to safeguard personal data and devices from potential attacks.

Understanding Daam Malware

Daam is a malicious software that possesses the capability to infiltrate Android devices and gain unauthorized access to various sensitive components, including call records, contacts, history, and even the device’s camera.

Distribution and Modus Operandi

The Daam malware primarily spreads through third-party websites or applications obtained from untrusted or unknown sources. By luring users into downloading and installing infected files, the malware manages to bypass security checks implemented on Android devices.

Once the Daam malware successfully bypasses the security check, it starts its nefarious activities. Its primary objective is to compromise sensitive data stored on the targeted device, such as call records and history. Additionally, Daam can modify device passwords, leaving users vulnerable to unauthorized access and control.

Encryption Algorithm and File Manipulation

Daam utilizes the AES (advanced encryption standard) encryption algorithm to encode files present on the victim’s device. This encryption process results in the deletion of non-encrypted files, leaving only the encrypted ones with the “.enc” extension. Victims also receive a ransom note, typically named “readme_now.txt,” which serves as a demand for payment in exchange for restoring access to the compromised files.

Precautions and Best Practices

In light of this advisory, several precautions are recommended to protect oneself against the Daam malware and similar threats. Firstly, it is crucial to avoid visiting untrusted websites and refraining from clicking on unverified links. These measures significantly reduce the risk of inadvertently downloading infected files or accessing malicious content.

Furthermore, keeping antivirus software up to date is essential. Regularly updating your antivirus program ensures that it remains equipped with the latest security patches and can effectively detect and neutralize potential threats like Daam.

Identifying Suspicious Numbers and Exercising Caution with Shortened URLs

Users should exercise caution when encountering suspicious numbers that do not appear to be genuine mobile phone numbers. Scammers often use email-to-text services to mask their true identities, making it crucial to remain vigilant and skeptical of such communication.

Shortened URLs, particularly those utilizing ‘bitly’ and ‘tinyurl’ hyperlinks (e.g., “https://bit.ly/” or “bit.ly” and “tinyurl.com/”), should also be approached with caution. These URLs may redirect users to potentially harmful websites or initiate malicious downloads.

« Previous PostNext Post »