Alert Against Daam Virus: What You Need to Know
Dr Rakesh Varma Ex-IAS (VR)
The Central government has recently issued an important advisory against a dangerous malware called the 'Daam' virus, which targets Android phones and devices. This article aims to provide comprehensive information on the Daam virus, its capabilities, how it affects Android devices, and how users can protect themselves against it.
The Daam Virus: A Threat to Android Devices
The Daam virus is malicious software that infects Android phones and gains unauthorized access to sensitive user data, including call records, contacts, camera, and browsing history. The Indian Computer Emergency Response Team (CERT-In), the national cyber security agency, has issued an advisory to all Android users, alerting them to the dangers posed by this virus.
Bypassing Anti-Virus Programs
One of the most concerning aspects of the Daam virus is its ability to bypass anti-virus programs and deploy ransomware on the targeted devices. This means that even if users have installed security software on their phones, the Daam virus can still infiltrate their systems and wreak havoc on their personal information.
Distribution Through Third-Party Websites and Apps
The Daam virus is typically distributed through third-party websites or applications downloaded from untrusted or unknown sources. These websites and apps may appear legitimate but are actually malicious in nature. Users must exercise caution when downloading apps or content from sources outside of official app stores, as this can increase the risk of malware infections.
How the Daam Virus Infects Android Devices
Once the Daam virus enters an Android device, it attempts to bypass the security checks in place. Upon successful infiltration, it steals sensitive data and abuses permissions such as reading history and bookmarks, killing background processes, and accessing call logs.
AES Encryption Algorithm
The Daam virus uses the Advanced Encryption Standard (AES) algorithm to encrypt files on the victim's device. Other files are then deleted from the device's storage, leaving only the encrypted files, which carry a ".enc" extension, and a ransom note called "readme_now.txt".
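The two file indicators described above (the ".enc" extension and the "readme_now.txt" note) can be checked on a copy of a device's storage. The following is an added example, not code from CERT-In or from this article; the function names, thresholds and sample directory tree are assumptions constructed for illustration.

```python
import os
import tempfile

ENC_SUFFIX = ".enc"             # extension named in the article
RANSOM_NOTE = "readme_now.txt"  # ransom note name named in the article

def scan_tree(root, min_enc=3, min_ratio=0.8):
    """Flag directories under root that match the post-encryption pattern."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        names = [f.lower() for f in files]
        has_note = RANSOM_NOTE in names
        data = [f for f in names if f != RANSOM_NOTE]
        enc = [f for f in data if f.endswith(ENC_SUFFIX)]
        ratio = len(enc) / len(data) if data else 0.0
        if has_note and enc:
            level = "high"      # note plus encrypted files: both indicators
        elif has_note or (len(enc) >= min_enc and ratio >= min_ratio):
            level = "review"    # one indicator only; .enc alone can be benign
        else:
            continue
        findings.append({"dir": os.path.relpath(dirpath, root), "level": level,
                         "enc_files": len(enc), "note": has_note})
    return sorted(findings, key=lambda f: (f["level"], f["dir"]))

def build_sample(root):
    """Write a constructed directory tree (empty files) for the demo."""
    layout = {
        ("DCIM", "Camera"): ["a.jpg.enc", "b.jpg.enc", "c.jpg.enc", RANSOM_NOTE],
        ("Download",): ["report.pdf.enc", "x.zip.enc", "y.doc.enc"],
        ("Music",): ["song.mp3", "backup.enc"],
        ("Documents",): [RANSOM_NOTE],
    }
    for parts, files in layout.items():
        folder = os.path.join(root, *parts)
        os.makedirs(folder)
        for name in files:
            open(os.path.join(folder, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in scan_tree(tmp):
            print(finding)
```

A "review" result means only one indicator is present, so it needs a human look before it is treated as an infection.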
Command-and-Control Server
After gaining access to an Android device, the Daam virus establishes communication with a command-and-control (C2) server. This server is responsible for orchestrating the actions of the malware on the infected device, such as stealing SMS messages, modifying device passwords, downloading/uploading files, and more.
The Capabilities of the Daam Virus
The Daam virus is capable of performing a wide range of actions on an infected device. Some of its key capabilities include:
Hacking Call Records and Contacts
The malware can access and steal call records and contacts from the victim's device, potentially exposing sensitive information and putting the user's privacy at risk.
Gaining Access to the Camera
By gaining unauthorized access to the camera, the Daam virus can potentially spy on the user and capture images without their knowledge.
Modifying Device Passwords
The virus can also change device passwords, effectively locking users out of their devices and rendering them inaccessible.
Capturing Screenshots
The Daam virus is capable of taking screenshots of the victim's device, potentially revealing sensitive information and activities.
Stealing SMS Messages
The malware can access and steal SMS messages from the infected device, potentially exposing private conversations and sensitive data.
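Several of the capabilities listed above depend on Android permissions an app has to request, so an app inventory can be checked for sideloaded apps that ask for many of them at once. This is an added example, not part of the advisory or the article; the inventory format, the threshold and the com.example package names are hypothetical, and the data is constructed.

```python
# Capabilities listed in the article, mapped to the Android permission that
# gates each one. Password changes and screenshots are not covered by a
# single manifest permission and are left out of this check.
CAPABILITY_PERMS = {
    "call records": "android.permission.READ_CALL_LOG",
    "contacts": "android.permission.READ_CONTACTS",
    "camera": "android.permission.CAMERA",
    "sms messages": "android.permission.READ_SMS",
    "kill background processes": "android.permission.KILL_BACKGROUND_PROCESSES",
}
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play's installer package

def audit(apps, threshold=3):
    """Return sideloaded apps requesting at least `threshold` listed capabilities."""
    flagged = []
    for app in apps:
        requested = set(app["permissions"])
        caps = sorted(c for c, p in CAPABILITY_PERMS.items() if p in requested)
        sideloaded = app.get("installer") not in TRUSTED_INSTALLERS
        if sideloaded and len(caps) >= threshold:
            flagged.append({"package": app["package"],
                            "installer": app.get("installer"),
                            "capabilities": caps})
    return flagged

# Constructed inventory (hypothetical format: one dict per installed app).
SAMPLE_INVENTORY = [
    {"package": "com.example.notes", "installer": "com.android.vending",
     "permissions": ["android.permission.CAMERA",
                     "android.permission.READ_CONTACTS",
                     "android.permission.READ_SMS"]},
    {"package": "com.example.freevideo", "installer": None,
     "permissions": ["android.permission.READ_CALL_LOG",
                     "android.permission.READ_CONTACTS",
                     "android.permission.CAMERA",
                     "android.permission.READ_SMS",
                     "android.permission.INTERNET"]},
    {"package": "com.example.flashlight", "installer": None,
     "permissions": ["android.permission.CAMERA"]},
]

if __name__ == "__main__":
    for hit in audit(SAMPLE_INVENTORY):
        print(hit["package"], hit["installer"], hit["capabilities"])
```

A flagged app is a candidate for manual review, since legitimate sideloaded apps can request the same permissions.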
Protecting Yourself from the Daam Virus
To minimize the risk of becoming a victim of the Daam virus, users should adhere to the following guidelines and best practices:
Download Apps from Official App Stores
Only download apps and content from official app stores, such as Google Play or the Apple App Store. This will reduce the risk of downloading potentially harmful apps from untrusted sources.
Review App Details and Permissions
Always review app details and user reviews before downloading. Additionally, only grant app permissions that are relevant to the app's purpose.
Install Android Updates
Install Android updates as soon as they become available, and only download them from official Android device vendors.
Avoid Untrusted Websites and Links
Do not visit untrusted websites or click on untrusted links. Exercise caution when clicking on links in unsolicited emails or SMS messages.
Maintain Updated Anti-Virus Software
Install and maintain updated anti-virus and anti-spyware software to protect your device from malware infections.
Be Vigilant of Suspicious Numbers
Stay alert for suspicious phone numbers that do not resemble genuine mobile numbers. Scammers often use email-to-text services to mask their true identity.
Exercise Caution with Shortened URLs
Be cautious when clicking on shortened URLs, such as those involving bit.ly and tinyurl.com. These links can potentially lead to malicious websites.
Use Safe Browsing Tools
Employ safe browsing tools, filtering tools in antivirus programs, firewalls, and filtering services to protect your device from harmful websites and content.
Check for Valid Encryption Certificates
Before providing sensitive information online, verify the presence of a valid encryption certificate by looking for the green lock icon in your browser's address bar.
Report Unusual Bank Account Activity
If you notice unusual activity in your bank account, report it immediately to your bank to prevent potential fraud.
In conclusion, the Daam virus poses a significant threat to Android users, and it's essential to remain vigilant and follow the recommended guidelines to protect your device and personal information. By staying informed and exercising caution when downloading apps and browsing the internet, you can reduce your risk of falling victim to this dangerous malware.