Daam Virus That Steals Call Logs, History and Accesses Cameras Spreading on Android Phones, CERT-in Warns

CERT-In says the Daam Android malware can also "bypass anti-virus programs and deploy ransomware on the targeted devices"

Advertisement
By Press Trust of India | Updated: 27 May 2023 13:07 IST
Highlights
  • The Android botnet gets distributed through third-party websites
  • It is advised to maintain updated anti-virus and anti-spyware software
  • 'Daam' is capable of modifying device passwords

The malware utilises the AES encryption algorithm to code files in the victim's device

Photo Credit: Unsplash/ Pathum Danthanarayana

An Android malware called 'Daam' that infects mobile phones and hacks into sensitive data like call records, contacts, history and camera has been found to be spreading, the national cyber security agency has said in its latest advisory.

The virus is also capable of "bypassing anti-virus programs and deploying ransomware on the targeted devices", the Indian Computer Emergency Response Team or CERT-In said.

Advertisement

The agency is the federal technology arm to combat cyber attacks and guard the cyber space against phishing and hacking assaults and similar online attacks.

The Android botnet gets distributed through third-party websites or applications downloaded from untrusted/unknown sources, the agency said.

Advertisement

"Once it is placed in the device, the malware tries to bypass the security check of the device and after a successful attempt, it attempts to steal sensitive data, and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc," the advisory said.

'Daam' is also capable of hacking phone call recordings, contacts, gaining access to camera, modifying device passwords, capturing screenshots, stealing SMSes, downloading/uploading files, etc. and transmitting to the C2 (command-and-control) server from the victim's (affected persons) device, the advisory said.

Advertisement

The malware, it said, utilises the AES (advanced encryption standard) encryption algorithm to code files in the victim's device.

Other files are then deleted from the local storage, leaving only the encrypted files with ".enc" extension and a ransom note that says "readme_now.txt", the advisory said.

Advertisement

The central agency suggested a number of do's and don'ts to avoid getting attacked by such viruses and malware.

The Cert-In advised against browsing "un-trusted websites" or clicking on "un-trusted links". Caution should be exercised while clicking on any link provided in unsolicited emails and SMSes, it said. Install and maintain updated anti-virus and anti-spyware software, it suggested.

It also suggested that users should be on the lookout for "suspicious numbers" that don't look like "real mobile phone numbers" as scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number.

"Genuine SMS messages received from banks usually contain sender ID (consisting of bank's short name) instead of a phone number in the sender information field," it said.

It also asked users to exercise caution towards shortened URLs (uniform resource locators), such as those involving 'bitly' and 'tinyurl' hyperlinks like: "http://bit.ly/" "nbit.ly" and "tinyurl.com/".

Users are advised to hover their cursors over the shortened URLs to see the full website domain which they are visiting or use a URL checker that will allow the user to enter a short URL and view the full URL, the advisory suggested.


Samsung Galaxy A34 5G was recently launched by the company in India alongside the more expensive Galaxy A54 5G smartphone. How does this phone fare against the Nothing Phone 1 and the iQoo Neo 7? We discuss this and more on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement
Popular Mobile Brands
  1. Huawei Band 11 Series Over 100 Workout Modes Debuts in India: See Price
  2. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  3. OTT Releases This Week: Elle, Super Subbu, Enola Holmes 3, and More
  4. Samsung Galaxy Jump 5 Debuts As a Rebranded Version of This Smartphone
  5. Moto G77 Power Will Launch in India on This Date
  6. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Debut in India
  7. Top Deals on Fitness Trackers, Smart Rings in Amazon Prime Day Sale 2026
  8. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  9. CMF's Himanshu Tandon Departs Firm After a 10-Month Stint
  1. iQOO Z11i Launched With 6,500mAh Battery, Snapdragon 4 Gen 2 Chip: Price, Specifications
  2. Huawei Band 11 Series Launched in India With 1.62-Inch Display, Over 100 Workout Modes: Price, Features
  3. Samsung Galaxy A18 Models Said to Drop Exynos Chip in Favour of MediaTek, Snapdragon
  4. DJI Mic Mini 2S Launched With 32-Bit Float Recording, AI Noise Cancellation: Price, Features
  5. Alienware 15 Launched in India With Up to Ryzen 7 260 CPU, RTX 4050 GPU: Price, Specifications
  6. PS Plus Monthly Games for July Include Call of Duty: Modern Warfare 3, For the King 2 and CrossCode
  7. Nothing Phone 4b RCB Edition Design, Colour Revealed Days Ahead of Debut
  8. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Launched in India With 1.2-Inch Display, Up to 13 Days Battery Life
  9. Redmi Note 17 Series Launch Timeline Teased, Company Touts Display Upgrades and Longer Battery Life
  10. Lava Probuds T51, Xscape 13° Neckband With Up to 70 Hours Battery Life Launched in India: Price, Features
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.