Data-stealing malware stalks more than 2 billion Android device users. This is all that is known about him so far.

A new malware threat stalks users of Android devices. On this occasion, the attack is aimed at one of the countries with the largest number of smartphones with the Google operating system active worldwide, more than 2 billion in total. The seriousness of the matter has led to Government of the country to publish a series of recommendations to prevent users from falling into the trap.

The malware, known as Ladyis a trojan capable of hack into the victims device and steal sensitive data to later send it to the attacker’s server. Not only that: in some cases, hacking attacks are also carried out ransomware which consist of encrypt all data present in device storage.

Daam, the malware that can encrypt all the data on your mobile

It is not clear, for now, who is of daam. But as reported by the group of cybersecurity researchers belonging to the Ministry of Electronics and Information Technology of the Government of India, its spread is taking place rapidly between devices present in the country.

It has been revealed that the malware uses APK format files to infect victims’ devices. Said files would be distributed through alternative stores to Google Play Store and unsafe app download websites.

Once the application with the malicious code manages to sneak inside the device, uses different techniques aimed at bypassing the security mechanisms of the system. Subsequently, obtains sensitive data by abusing the permissions granted by the user, and this is how you access data such as bookmarks and browser historycall logs or messages.

In some cases, moreover, it has been seen how malware can grant the control server remote access to the camera or the ability to intercept SMS, modify passwords or even download files that are later transmitted to the server.

Similarly, Daam has the ability to carry out attacks ransomwareand there have been cases of users who saw how the content of their phones was encrypted through an AES algorithm, and how a text file was generated with the steps to follow in order to recover the files.

Although, in principle, the malware has only been distributed in India, the researchers have shared a series of security recommendations that can be useful to any user. Among them is prevent app download from unreliable or insecure sources, or keep the device always updated with the latest security patch whenever possible.