shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > News > India News > Article > Daam virus steals call records reads history from Android phones advisory issued

'Daam' virus steals call records, reads history from Android phones; advisory issued

Updated on: 26 May,2023 03:46 PM IST  |  New Delhi
mid-day online correspondent |

The agency is the federal technology arm to combat cyber attacks and guard the cyber space against phishing and hacking assaults and similar online attacks

'Daam' virus steals call records, reads history from Android phones; advisory issued

Image used for representational purpose. Pic/iStock

The national cyber security agency in its latest advisory said that an Android malware called 'Daam' that infects mobile phones and hacks into sensitive data like call records, contacts, history and camera has been found to be spreading.


"The virus is also capable of "bypassing anti-virus programs and deploying ransomware on the targeted devices", the Indian Computer Emergency Response Team or CERT-In said, PTI reported.


The agency is the federal technology arm to combat cyber attacks and guard the cyber space against phishing and hacking assaults and similar online attacks.
The Android botnet gets distributed through third-party websites or applications downloaded from untrusted/unknown sources, the agency said.
"Once it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc," PTI quoted from the advisory.


'Daam' is also capable of hacking phone call recordings, contacts, gaining access to camera, modifying device passwords, capturing screenshots, stealing SMSes, downloading/uploading files, etc. and transmitting to the C2 (command-and-control) server from the victim's (affected persons) device, the advisory said.

The malware, it said, utilises the AES (advanced encryption standard) encryption algorithm to code files in the victim's device. Other files are then deleted from the local storage, leaving only the encrypted files with ".enc" extension and a ransom note that says "readme_now.txt", the advisory said.

Also read: Beware of malware: How Indian government officials are being targeted by Pakistani hacker groups

The central agency suggested a number of do's and don'ts to avoid getting attacked by such viruses and malware. The Cert-In advised against browsing "un-trusted websites" or clicking on "un-trusted links". Caution should be exercised while clicking on any link provided in unsolicited emails and SMSes, it said. Install and maintain updated anti-virus and anti-spyware software, it suggested.

It also suggested that users should be on the lookout for "suspicious numbers" that don't look like "real mobile phone numbers" as scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number. "Genuine SMS messages received from banks usually contain sender ID (consisting of bank's short name) instead of a phone number in the sender information field," it said.

It also asked users to exercise caution towards shortened URLs (uniform resource locators), such as those involving 'bitly' and 'tinyurl' hyperlinks like: "https://bit.ly/" "\nbit.ly" and "tinyurl.com/".

Users are advised to hover their cursors over the shortened URLs to see the full website domain which they are visiting or use a URL checker that will allow the user to enter a short URL and view the full URL, the advisory suggested.

(With PTI inputs)

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!

Register for FREE
to continue reading !

This is not a paywall.
However, your registration helps us understand your preferences better and enables us to provide insightful and credible journalism for all our readers.

Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK