Daam Virus: National Cyber Security Warns Against Spread of Virus That Steals Call Records, Camera and Reads History From Android Phones
New Delhi, May 26: An Android malware called тАШDaamтАЩ that infects mobile phones and hacks into sensitive data like call records, contacts, history and camera has been found to be spreading, the national cyber security agency has said in its latest advisory.
The virus is also capable of тАЬbypassing anti-virus programs and deploying ransomware on the targeted devicesтАЭ, the Indian Computer Emergency Response Team or CERT-In said.┬аData Breach: Nearly Six Lakh HDFC Bank CustomersтАЩ Data Leaked on Dark Web, Bank Denies.
The agency is the federal technology arm to combat cyber attacks and guard the cyber space against phishing and hacking assaults and similar online attacks. The Android botnet gets distributed through third-party websites or applications downloaded from untrusted/unknown sources, the agency said.┬аRansomware Attack: US Network Infrastructure Giant CommScope Hit by Cyberattack, Employee Data Exposed Online.
тАЬOnce it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc,тАЭ the advisory said.
тАШDaamтАЩ is also capable of hacking phone call recordings, contacts, gaining access to camera, modifying device passwords, capturing screenshots, stealing SMSes, downloading/uploading files, etc. and transmitting to the C2 (command-and-control) server from the victimтАЩs (affected persons) device, the advisory said.
The malware, it said, utilises the AES (advanced encryption standard) encryption algorithm to code files in the victimтАЩs device. Other files are then deleted from the local storage, leaving only the encrypted files with тАЬ.encтАЭ extension and a ransom note that says тАЬreadme_now.txtтАЭ, the advisory said.
The central agency suggested a number of doтАЩs and donтАЩts to avoid getting attacked by such viruses and malware. The Cert-In advised against browsing тАЬun-trusted websitesтАЭ or clicking on тАЬun-trusted linksтАЭ. Caution should be exercised while clicking on any link provided in unsolicited emails and SMSes, it said. Install and maintain updated anti-virus and anti-spyware software, it suggested.
It also suggested that users should be on the lookout for тАЬsuspicious numbersтАЭ that donтАЩt look like тАЬreal mobile phone numbersтАЭ as scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number.
тАЬGenuine SMS messages received from banks usually contain sender ID (consisting of bankтАЩs short name) instead of a phone number in the sender information field,тАЭ it said.
It also asked users to exercise caution towards shortened URLs (uniform resource locators), such as those involving тАШbitlyтАЩ and тАШtinyurlтАЩ hyperlinks like: тАЬhttp://bit.ly/тАЭ тАЬnbit.lyтАЭ and тАЬtinyurl.com/тАЭ.
Users are advised to hover their cursors over the shortened URLs to see the full website domain which they are visiting or use a URL checker that will allow the user to enter a short URL and view the full URL, the advisory suggested.
(The above story first appeared on Today News 24 on May 27, 2023 10:26 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website todaynews24.top).
