In a recent advisory, the national cyber security agency has raised an alarm about a new Android malware called ‘Daam’ that is spreading rapidly and compromising mobile phones, jeopardizing sensitive data such as call records, contacts, and browsing history. This malicious software has the ability to infiltrate devices, bypass antivirus programs, and even deploy ransomware, according to the Indian Computer Emergency Response Team (CERT-In).
The CERT-In, which is responsible for safeguarding against cyber-attacks and online threats, has cautioned that the ‘Daam’ virus can be disseminated through third-party websites or applications from untrusted sources. Once it infiltrates a device, it bypasses security checks and proceeds to pilfer valuable information, gain access to the camera, modify passwords, capture screenshots, steal SMS messages, and even download/upload files. The stolen data is then transmitted to a command-and-control server operated by the perpetrators.
To mitigate the risk of falling victim to such viruses and malware, the Central agency has provided a set of guidelines. Users are advised to refrain from browsing untrusted websites and clicking on suspicious links, particularly those received through unsolicited emails and SMS messages. Installing and regularly updating reliable antivirus and anti-spyware software is strongly recommended. Additionally, caution should be exercised when encountering phone numbers that appear suspicious or abnormal, as scammers often disguise their identity using email-to-text services. Users are advised to scrutinize SMS messages from banks, which typically include the bank’s short name as the sender ID rather than a phone number.
The advisory further alerts users about the potential dangers associated with shortened URLs, such as those utilizing ‘bitly’ or ‘tinyurl’ services. To verify the authenticity of such links, users are encouraged to hover their cursors over them to reveal the full website domain or use a URL checker tool.
The discovery of the ‘Daam’ malware serves as a reminder of the ever-evolving threats faced in the digital realm. By staying vigilant and adhering to the recommended precautions, users can significantly reduce their vulnerability to such attacks and ensure the security of their Android devices.