Daam Virus Steals Call Records, History from Android phones; Security Agency issues Advisory

New Delhi: The national cyber security agency has revealed that an Android malware named the Daam virus, which infects mobile phones and accesses private information including call logs, contacts, history, and camera, has been spreading.

According to the Indian Computer Emergency Response Team or CERT-IN, the malware is also capable of “bypassing anti-virus programmes and deploying ransomware on the targeted devices”. The organisation serves as the federal government’s technological defence against cyberattacks and safeguards against hacking, phishing, and other internet attacks.

According to the central agency, the Android botnet is spread through third-party websites or programmes downloaded from questionable or unknown sources.

The virus tries to get past the device’s security check after it is installed. Once it succeeds, it tries to steal sensitive information and obtain permissions such as reading history and bookmarks, deactivating background processes, and reading call logs, among other things, according to the alert.

The advisory stated that “Daam” is also capable of hacking contacts and phone call recordings, accessing the camera, changing device passwords, taking screenshots, stealing SMSes, downloading/uploading files, etc., and transmitting the data from the victim’s device to the C2 (command-and-control) server.

According to the report, the malware encrypts files on the victim’s device using the AES (Advanced Encryption Standard) algorithm. Other data is then deleted from the local storage, so that only the encrypted files with the “.enc” extension and the “readme_now.txt” ransom note remain, according to the advisory.
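A triage check built on the two artifacts named in the advisory, added here as an example and not code from CERT-In or the original article: it scans a copy of a phone’s storage (for instance a folder copied to a computer) for “.enc” files and the “readme_now.txt” note. The function names, the per-folder confidence levels and the sample folder tree are assumptions made for illustration.

```python
import os
import tempfile

# Indicators quoted in the advisory text above.
RANSOM_NOTE = "readme_now.txt"
ENCRYPTED_SUFFIX = ".enc"


def scan_storage(root):
    """Report directories holding '.enc' files and/or the ransom note."""
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        names = [n.lower() for n in filenames]
        enc = sum(1 for n in names if n.endswith(ENCRYPTED_SUFFIX))
        notes = names.count(RANSOM_NOTE)
        if enc == 0 and notes == 0:
            continue
        others = len(names) - enc - notes
        # Confidence levels are this example's assumption, not the advisory's.
        if notes and enc and others == 0:
            confidence = "high"    # note plus nothing but encrypted files
        elif notes or others == 0:
            confidence = "medium"  # note alone, or only '.enc' files
        else:
            confidence = "low"     # '.enc' is also used by legitimate apps
        findings.append({"path": os.path.relpath(dirpath, root),
                         "encrypted_files": enc, "ransom_note": bool(notes),
                         "confidence": confidence})
    return sorted(findings, key=lambda f: f["path"])


def build_constructed_sample():
    """Create a small constructed directory tree to scan (not real data)."""
    root = tempfile.mkdtemp(prefix="daam_sample_")
    layout = {
        "DCIM": ["a.jpg.enc", "b.jpg.enc", "readme_now.txt"],
        "Download": ["backup.enc", "notes.txt"],
        "Music": ["song.mp3"],
    }
    for folder, files in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in files:
            open(os.path.join(root, folder, name), "w").close()
    return root


if __name__ == "__main__":
    for finding in scan_storage(build_constructed_sample()):
        print(finding)
```

A “low” result on its own is not evidence of infection, since other software also writes files ending in “.enc”; the combination with the ransom note is what matches the advisory’s description.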

To prevent being attacked by such viruses and malware, the central agency offered a number of dos and don’ts. CERT-In warned users not to visit “untrusted websites” or click on “untrusted links”. It advised caution when clicking on any links contained in unsolicited emails and SMSes. It also advised installing and maintaining updated anti-virus and anti-spyware software.

Additionally, it advised users to be on the lookout for “suspicious numbers” that don’t resemble “real mobile phone numbers,” as scammers frequently use email-to-text services to conceal their identities in order to avoid disclosing their actual phone numbers.

Instead of a phone number in the sender information section, “genuine SMS messages received from banks typically contain sender ID (consisting of bank’s short name),” it stated.

How to stay safe from ‘Daam’?

CERT-In made the following suggestions to protect a device from Daam:

  • To lower the danger of downloading potentially malicious apps, only download from official app stores.
  • Before downloading an app, always read the description and user reviews. Also, only allow permissions that are necessary for the programme’s function.
  • Install Android updates solely from the manufacturers of Android devices as soon as they become available.
  • Avoid visiting dubious websites and clicking on dubious links.
  • Install anti-virus and anti-spyware software and keep it up to date.
  • Be on the lookout for cellphone numbers that don’t appear to be ordinary or legitimate mobile numbers.
  • Do thorough research before clicking on a link that was provided in a message.
  • Be cautious when clicking on shortened URLs, particularly those that use bit.ly and tinyurl, and only click on URLs that clearly state the website domain.
  • Use secure browsing software, firewall and antivirus software, and filtering services.
  • Check for active encryption certificates by looking for the green lock in the address bar of your browser before providing any sensitive information.
  • Any ‘strange’ activity in a user’s bank account must be reported right away to the relevant bank.
