In a recent advisory, India’s national cybersecurity organization, CERT-IN, has warned about a dangerous Android malware called “Daam” that poses a significant threat to user data security. This malware has the ability to bypass antivirus software, steal sensitive information, and even install ransomware on targeted devices.

The Threat of Daam Malware: Understanding the Risks and Implications

Once it has infiltrated a device, the Daam malware can access and retrieve a wide range of confidential data, including browsing history, call logs, contact information, camera contents, SMS messages, and files. It operates by circumventing security measures, making it challenging to detect and remove. The stolen data is then transmitted to the attacker’s server, and the device’s contents are encrypted with AES, leaving behind “.enc” files and a ransom note named “readme_now.txt.”
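The two on-disk artifacts named above can be checked for on a copy of a device's storage. The following triage script is an added example, not code from CERT-IN or the advisory: it looks for the ransom note and for ".enc" files whose contents have the near-random byte distribution expected of AES output. The entropy threshold, the function names, and the sample tree (the "DCIM" folder and its file names) are assumptions made for illustration.

```python
import math
import os
import tempfile
from collections import Counter

RANSOM_NOTE = "readme_now.txt"  # ransom note name given in the article
ENC_SUFFIX = ".enc"             # file extension given in the article
ENTROPY_MIN = 7.5               # assumed cutoff (bits/byte) for "looks like ciphertext"

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; AES output is close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(root: str, sample: int = 65536) -> dict:
    """Walk a copied storage tree and collect both indicators."""
    notes, enc, low = [], [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == RANSOM_NOTE:
                notes.append(path)
            elif name.lower().endswith(ENC_SUFFIX):
                with open(path, "rb") as fh:
                    high = entropy(fh.read(sample)) >= ENTROPY_MIN
                (enc if high else low).append(path)  # low = .enc name, ordinary content
    verdict = "likely-encrypted" if notes and enc else "suspicious" if notes or enc else "clean"
    return {"verdict": verdict, "notes": sorted(notes), "encrypted": sorted(enc), "low_entropy_enc": sorted(low)}

def build_sample_tree(root: str) -> None:
    """Constructed sample data: one random .enc file, one plain-text .enc file, one note."""
    os.makedirs(os.path.join(root, "DCIM"))
    with open(os.path.join(root, "DCIM", "photo.jpg.enc"), "wb") as fh:
        fh.write(os.urandom(4096))
    with open(os.path.join(root, "DCIM", "notes.enc"), "wb") as fh:
        fh.write(b"plain text, not ciphertext\n" * 50)
    with open(os.path.join(root, RANSOM_NOTE), "w") as fh:
        fh.write("constructed placeholder note\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan(tmp))
```

A ".enc" extension alone is a weak signal because legitimate apps also use it, which is why the script reports low-entropy ".enc" files separately and only returns "likely-encrypted" when the note and high-entropy files appear together.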


To safeguard Android devices against the Daam malware and similar risks, CERT-IN has offered the following best practices and recommendations:

Limit Download Sources: Minimize the risk of downloading potentially harmful apps by relying on official app stores, such as the manufacturer’s or operating system’s app store.

Review App Details: Before downloading an app, even from trusted sources like the Google Play Store, thoroughly review its details, including user reviews, number of downloads, comments, and additional information.

Verify App Permissions: Pay close attention to the permissions requested by apps and grant only those that are necessary and relevant to the app’s intended functionality. Avoid granting unnecessary permissions that may compromise privacy.

Avoid Side-loaded Apps: Refrain from installing apps from untrusted or unofficial sources. Stick to reputable and trusted sources for app installations.

Keep Your Device Updated: Regularly install updates and patches provided by your device’s vendor, as they often include critical security enhancements.

Exercise Caution Online: Avoid browsing untrusted websites or clicking on suspicious links. Be especially cautious with links received through unsolicited emails or SMS messages, as they may lead to malware downloads or malicious websites.

Use Antivirus Software: Install and regularly update reliable antivirus and antispyware software on your device to detect and prevent malware infections.

Verify SMS Sender Information: Be vigilant for suspicious numbers that do not resemble genuine mobile phone numbers. Legitimate SMS messages from banks often include sender IDs rather than phone numbers.

Research Before Clicking Links: Conduct thorough research before clicking on any links, particularly in messages. Utilize websites that allow phone number searches to verify the legitimacy of numbers or identify potential scams.

Verify URLs: Only click on URLs that clearly indicate the website domain. If unsure, use search engines to directly search for the organization’s official website to ensure legitimacy.

Utilize Safe Browsing Tools: Consider using safe browsing tools and filtering services offered by antivirus, firewall, and content-based filtering software.

Exercise Caution with Shortened URLs: Approach shortened URLs, such as those using bit.ly or tinyurl, with caution. Hover over the link to view the full website domain or utilize a URL checker to verify the destination.

Check Encryption Certificates: Ensure the presence of valid encryption certificates by looking for the green lock symbol in the browser’s address bar. Verify proper security measures before sharing any sensitive information online.

Report Suspicious Activity: Promptly report any unusual account activity to the respective bank or service provider, providing relevant details for appropriate action to be taken.

By adhering to these guidelines and best practices, users can significantly reduce their vulnerability to the Daam malware and related threats. It is essential to remain vigilant and prioritize the protection of devices to safeguard personal data and maintain online security.
