The national cyber security agency has released a new advisory about the Android malware named ‘Daam’, which has been infecting mobile phones to steal sensitive data such as call records, cameras, and history.
The malware is capable of "bypassing anti-virus programs and deploying ransomware on the targeted devices", the Indian Computer Emergency Response Team (CERT-In) said. The agency is part of a federal technology arm that aims to fight off cyber-attacks and guard cyberspace against hacking, phishing assaults, and other cybercrimes.
According to the agency, the Android botnet is distributed via third-party websites or applications downloaded from unknown sources. “Once it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs,” stated the advisory.
Daam can also hack phone calls and call recordings, access cameras, capture screenshots, modify device passwords, steal SMS messages, and upload or download files.
After the malware reaches the device, it connects to its command-and-control servers. It easily bypasses the device’s security checks. Daam uses the AES encryption algorithm to encrypt files on the victim’s device. It then deletes other files and leaves the device with “the encrypted files with ‘.enc’ extension and a ransom note ‘readme_now.txt’.”
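The on-disk footprint described above (only ".enc" files left behind, plus a "readme_now.txt" note) can be checked for in a file listing taken from a suspect phone. The following is an added example, not code from the advisory or the agency; the sample listing is constructed, and the adb command in the comment, the case-insensitive matching and the verdict labels are assumptions.

```python
from collections import Counter
from pathlib import PurePosixPath

RANSOM_NOTE = "readme_now.txt"  # ransom note name quoted in the advisory
ENC_SUFFIX = ".enc"             # encrypted-file extension quoted in the advisory

# Constructed sample: a listing such as `adb shell find /sdcard -type f` might produce.
SAMPLE_LISTING = """\
/sdcard/DCIM/Camera/IMG_0001.jpg.enc
/sdcard/DCIM/Camera/IMG_0002.jpg.enc
/sdcard/Download/invoice.pdf.enc
/sdcard/Download/readme_now.txt
/sdcard/Android/data/com.example.notes/files/backup.enc
/sdcard/Android/data/com.example.notes/files/settings.json
"""


def triage(listing):
    """Summarise ransomware artifacts in a newline-separated file listing."""
    notes, enc, other = [], Counter(), Counter()
    for line in listing.splitlines():
        if not line.strip():
            continue
        path = PurePosixPath(line.strip())
        # Names are compared case-insensitively (an assumption of this example).
        folder, name = str(path.parent), path.name.lower()
        if name == RANSOM_NOTE:
            notes.append(str(path))
        elif name.endswith(ENC_SUFFIX):
            enc[folder] += 1
        else:
            other[folder] += 1
    # Folders where only .enc files survive fit the "other files deleted" pattern;
    # a lone .enc next to normal files is weak evidence (apps also use the extension).
    wiped = sorted(f for f in enc if other[f] == 0)
    if notes and wiped:
        verdict = "match"
    elif notes or enc:
        verdict = "review"
    else:
        verdict = "clean"
    return {"verdict": verdict, "ransom_notes": notes,
            "wiped_folders": wiped, "enc_files": sum(enc.values())}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LISTING).items():
        print(f"{key}: {value}")
```

A "match" means a ransom note was found together with at least one folder holding nothing but ".enc" files; "review" means only one of the two signals is present and needs a manual look.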
Dos and Don’ts Suggested By The Central Agency
Limit your download sources to legitimate app stores and refrain from “downloading potentially harmful apps”
Review app details before installing apps, verify app permission, and “do not check "Untrusted Sources" checkbox to install side-loaded apps”
“Install Android Updates” from “Android device vendors”
Never browse or follow any “un-trusted websites” or links
“Install and maintain updated anti-virus and antispyware software”
Beware of “suspicious numbers” that don’t look like real numbers, as scammers hide their identity
Do not click on any link before “extensive research”
Only click URLs that clearly indicate the website domain
Use “Safe Browsing tools, filtering tools” for filtering services
Be careful of “shortened URLs”, especially those “involving bit.ly and tinyurl”
Don’t provide any sensitive information without checking “for valid encryption certificates by checking for the green lock in the browser's address bar”
Report to your bank in case of “any unusual activity in their account immediately”
Following the above-mentioned measures will certainly help people stay away from cyber criminals and enjoy a safe and healthy online environment.