Android: Government’s cyber security agency Cert-In has a ‘warning’ for all Android users – Times of India
According to the national cyber security agency’s latest advisory, the malware is capable of “bypassing anti-virus programs and deploying ransomware on the targeted devices”.
How Daam malware spreads
Cert-In said that the Android malware is distributed through third-party websites or apps that have been downloaded from untrusted/unknown sources.
“Once it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc,” the advisory said.
What makes ‘Daam’ dangerous
‘Daam’ is capable of hacking phone call recordings, contacts, gaining access to the camera, modifying device passwords, capturing screenshots, stealing SMSes, and downloading/uploading files, among others.
The malware also transmits data to the command-and-control server from the victim’s device, the advisory said. It is said to utilise the advanced encryption standard (AES) encryption algorithm to code files in the victim’s device.
The files on the victim’s device are deleted from the local storage, and there are only the encrypted files with “.enc” extension along with a ransom note that says “readme_now.txt”, the advisory said.
How to safeguard
Do not click on malicious-looking links: Cert-In advised Android users to not browse “un-trusted websites” or click on “un-trusted links”. It said that users must exercise caution while clicking on any link provided in unsolicited emails and SMSes, it said.
Additionally, users must be cautious with shortened URLs, such as those involving ‘bitly’ and ‘tinyurl’ hyperlinks. They can hover their cursors over the shortened URLs to see the full website domain which they are visiting.
Look for suspicious numbers: The advisory said that users must be on the lookout for “suspicious numbers” that don’t look like “real mobile phone numbers” as scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number.
“Genuine SMS messages received from banks usually contain sender ID (consisting of bank’s short name) instead of a phone number in the sender information field,” it said.
Android device users are also advised to install and/ or update their antivirus and anti-spyware software.
function loadGtagEvents(isGoogleCampaignActive) { if (!isGoogleCampaignActive) { return; } var id = document.getElementById('toi-plus-google-campaign'); if (id) { return; } (function(f, b, e, v, n, t, s) { t = b.createElement(e); t.async = !0; t.defer = !0; t.src = v; t.id = 'toi-plus-google-campaign'; s = b.getElementsByTagName(e)[0]; s.parentNode.insertBefore(t, s); })(f, b, e, 'https://www.googletagmanager.com/gtag/js?id=AW-877820074', n, t, s); };
window.TimesApps = window.TimesApps || {}; var TimesApps = window.TimesApps; TimesApps.toiPlusEvents = function(config) { var isConfigAvailable = "toiplus_site_settings" in f && "isFBCampaignActive" in f.toiplus_site_settings && "isGoogleCampaignActive" in f.toiplus_site_settings; var isPrimeUser = window.isPrime; if (isConfigAvailable && !isPrimeUser) { loadGtagEvents(f.toiplus_site_settings.isGoogleCampaignActive); loadFBEvents(f.toiplus_site_settings.isFBCampaignActive); } else { var JarvisUrl="https://jarvis.indiatimes.com/v1/feeds/toi_plus/site_settings/643526e21443833f0c454615?db_env=published"; window.getFromClient(JarvisUrl, function(config){ if (config) { loadGtagEvents(config?.isGoogleCampaignActive); loadFBEvents(config?.isFBCampaignActive); } }) } }; })( window, document, 'script', );
For all the latest Technology News Click Here