Android Malware Daam Has Data Theft & Ransomware Capabilities: CERT-In Issues Advisory

Published by Shipra Sanganeria on May 29, 2023

Last week, the Indian national cybersecurity agency, CERT-In, released an advisory on the newly discovered malware ‘Daam’. This threat can bypass antivirus software, steal sensitive data, and deploy ransomware on victims’ devices. The advisory was released for Android phone users, and the malware is said to impact the best of the brands.

The malware was first identified in April 2023 by researchers at the Singapore-based cybersecurity company CloudSEK. “The malware was found to be communicating with various Android APK files, likely indicating the source of infection,” noted CloudSEK. The team also named three applications associated with this malicious APK file:

  • Psiphon Client for Android and Windows: a free VPN
  • Boulders: a mobile game
  • Currency Pro: a currency converter

These trojanized apps are free and available on various unauthorized third-party websites. This sophisticated malware uses various techniques to access private data, such as recording phone and VoIP calls, including calls made through encrypted services like Hike and WhatsApp.

Daam can easily bypass security to steal any file from the phone, including both new and old contacts, names of Google accounts, financial information, SMS messages and browser bookmarks. It can also upload and download files, hack the camera, capture screenshots and lock phones by accessing the device password and PIN. The stolen data is subsequently transmitted to C2 servers managed by the threat actor.

Moreover, to encrypt files on the victim’s device, the malware is said to use “AES algorithms present in the root directory and SD card.” Once encryption is complete, it leaves behind “.enc” files and “readme_now.txt”, which is believed to be a ransom note.
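A triage check for the two artifacts named above, as an added example that is not from CloudSEK, CERT-In or the original article: it scans a local copy of a phone's storage (for example, a folder copied to a workstation) for “.enc” files and “readme_now.txt”. The function names, the verdict labels, the sample tree and the rule that “.enc” files on their own only warrant review are assumptions made for illustration.

```python
import os
import tempfile

NOTE_NAME = "readme_now.txt"  # note filename reported in the article
ENC_SUFFIX = ".enc"           # extension reported on encrypted files


def scan_storage_copy(root):
    """Walk a local copy of device storage and collect both artifacts."""
    notes, enc_files = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            if name.lower() == NOTE_NAME:
                notes.append(rel)
            elif name.lower().endswith(ENC_SUFFIX):
                enc_files.append(rel)
    return {"notes": sorted(notes), "enc_files": sorted(enc_files),
            "verdict": classify(notes, enc_files)}


def classify(notes, enc_files):
    """Assumed triage rule: .enc alone is weak, since benign apps use it too."""
    if notes and enc_files:
        return "likely-encrypted"   # note plus encrypted files together
    if notes or enc_files:
        return "needs-review"       # only one of the two artifacts
    return "clean"


def build_sample_tree(base, with_note=True):
    """Create a constructed directory tree standing in for an SD card copy."""
    for rel in ("DCIM/IMG_0001.jpg.enc", "Download/invoice.pdf.enc",
                "Music/track.mp3"):
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample data")
    if with_note:
        with open(os.path.join(base, NOTE_NAME), "w") as fh:
            fh.write("constructed placeholder, not the real note text")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = scan_storage_copy(tmp)
        print(report["verdict"])
        for path in report["notes"] + report["enc_files"]:
            print("  ", path)
```

A “needs-review” result is a prompt to look at which app wrote the files, not a confirmation of infection.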

As Daam can easily bypass any antivirus program, CloudSEK and CERT-In have suggested a few measures that users can take to protect and secure their devices. For instance, download apps from legitimate sources, check app reviews, use strong antivirus, check URLs, verify app permissions, etc.

By following these practices, users can safeguard themselves not only against Daam but also against other ransomware gangs that use threats like phishing and identity and data theft to coerce their victims.
