Android Device Users at Risk of Attack by New Malware
(Baonghean.vn) - Recently, the Indian Computer Emergency Response Team (CERT-IN) under the Indian Cyber Security Agency has issued a warning about a new dangerous virus called "Daam", which can attack Android devices.
Accordingly, when this malware penetrates Android devices, it will steal personal information, penetrate anti-virus software and even install ransomware on the systems it targets.
How “Daam” Malware Can Put Your Android Device at Risk?
According to CERT-IN, the “Daam” malware is capable of retrieving a wide range of sensitive information after infiltrating a system, including browsing history, call logs, contact information, images, SMS messages, and data files.
The malware can bypass security protocols, making it difficult to identify and remove. Once it infects an Android device, “Daam” can even remotely control the phone.
![]() |
Illustration |
The “Daam” malware primarily spreads through the file format used by the Android operating system to distribute and install mobile applications, also known as APK (Android Package Kit) files. The malware infects Android devices when users download applications from untrusted or unknown sources, often found on third-party websites or applications.
Once the data is stolen, Daam will communicate with various Android APK files to access the phone. Once distributed through third-party websites, it will encrypt the files on the phone using the Advanced Encryption Standard (AES) algorithm before deleting the files from local storage and only the encrypted files are kept, with the extensions ".enc" and "readme_now.txt" along with a ransom note.
How to Protect Your Android Device from “Daam” Malware
To protect Android devices from “Daam” malware, CERT-IN has recommended users to take the following measures:
1. Minimize downloading apps from untrusted or unknown sources. Only download apps from legitimate app stores such as the app store provided by your device or operating system manufacturer to reduce the risk of installing potentially dangerous apps.
2. Android smartphone users should evaluate the application's technical specifications, download statistics, user reviews, and other information before downloading or installing the application.
3. Always install new Android updates and patches.
4. Avoid visiting untrusted websites or clicking on links, and be cautious when opening links or attachments in emails and SMS messages from unknown sources.
5. Install anti-virus and anti-spyware software and keep it updated.
6. Only open website addresses (Uniform Resource Locator: URL) with clear domain names. When unsure, people can use search engines to look up the organization's website directly to ensure that the websites they are visiting are trustworthy.
7. Consider using safe browsing tools and filtering services, as well as content-based filtering and anti-virus solutions.
8. Be wary of shortened URLs like bit.ly and tinyurl.
9. Before providing any sensitive information, such as personal information or account login information, look for a genuine encryption certificate by looking for the green padlock in your browser's address bar.
10. Any unexpected activity in the customer's account must be reported immediately to the relevant bank along with the necessary information for timely handling.
11. Regularly back up data to avoid data loss in case of malware attack./.
Reference:https://www.91mobiles.com/hub/daam-malware-hack-android-government-warning/