SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.daam (Back to overview)

DAAM

aka: BouldSpy

According to PCrisk, DAAM is an Android malware utilized to gain unauthorized access to targeted devices since 2021. With the DAAM Android botnet, threat actors can bind harmful code with a genuine application using its APK binding service.

Lookout refers to this malware as BouldSpy and assesses with medium confidence that this Android surveillance tool is used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

References
2023-04-27LookoutKyle Schmittle, Alemdar Islamoglu, Paul Shunk, Justin Albrecht
@online{schmittle:20230427:lookout:3956976, author = {Kyle Schmittle and Alemdar Islamoglu and Paul Shunk and Justin Albrecht}, title = {{Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy}}, date = {2023-04-27}, organization = {Lookout}, url = {https://www.lookout.com/blog/iranian-spyware-bouldspy}, language = {English}, urldate = {2023-05-30} } Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy
DAAM
2023-04-20CybleincCyble
@online{cyble:20230420:daam:8b46773, author = {Cyble}, title = {{DAAM Android Botnet being distributed through Trojanized Applications}}, date = {2023-04-20}, organization = {Cybleinc}, url = {https://blog.cyble.com/2023/04/20/daam-android-botnet-being-distributed-through-trojanized-applications/}, language = {English}, urldate = {2023-05-10} } DAAM Android Botnet being distributed through Trojanized Applications
DAAM

There is no Yara-Signature yet.