Not even a month after the discovery of an extremely widespread malware on Android, present on 11 applications that have totaled a total of 620,000 downloads, that the news of a new malware targeting Android smartphonescalled “Daam” and which would aim to steal the data stored on the devices.
The malware, reports GizmoChina, was discovered by CERT-IN, the Indian national cybersecurity agency, and has so far mostly affected users originating from the Indian subcontinent, although it could be present even on Android apps intended for Western smartphones. Until we know more, therefore, the advice is to be very careful in choosing the software that you decide to download from the Play Store and from the web.
This is especially true in the case of Daam, which seems to be able to bypass antivirus and steal personal data of affected users, including address and residency data, and most importantly, credit card numbers and PINs, and bank account information. Among other data that Daam could capture once installed on a user’s phone we have the browser history, the contact list, sent and received text messages, locally saved files and even contents of the camera roll Of the device.
The stolen data is transmitted via the internet to virus databases, which use AES encryption for transmission. The information is then encrypted in an .enc file and sent to the malicious groups behind the malware, who give the unfortunate users the ability to redeem their data by paying a sum of money or to have all their sensitive information appear on the net. In short, the functioning of the malware is very similar to that of a ransomware.
CERT-IN has also provided a list of precautions to take on Android to avoid being hit by Daam. In addition to paying particular attention to downloads, especially those that come from outside the Google Play Store, it is recommended to avoid the sideloading of the apps and to verify the permissions granted to the apps, eliminating those that seem to take too many “liberties” with the smartphone. In addition, theauthority also recommends be very careful when browsing the webespecially when you connect to links received by email or message.