SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.daam (Back to overview)

DAAM

aka: BouldSpy

According to PCrisk, DAAM is an Android malware utilized to gain unauthorized access to targeted devices since 2021. With the DAAM Android botnet, threat actors can bind harmful code with a genuine application using its APK binding service.

Lookout refers to this malware as BouldSpy and assesses with medium confidence that this Android surveillance tool is used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

References
2023-04-27LookoutAlemdar Islamoglu, Justin Albrecht, Kyle Schmittle, Paul Shunk
Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy
DAAM
2023-04-20CybleincCyble
DAAM Android Botnet being distributed through Trojanized Applications
DAAM

There is no Yara-Signature yet.