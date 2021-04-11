



The voice-only app Clubhouse has become very popular in the last few months, with cybercriminals exploiting app names to spread malware to people’s computers. Attackers do this by pushing ads that encourage Facebook users to download Clubhouse for their PC apps. According to a TechCrunch report, this fake app is full of links to malware.

This report details how Facebook ads first directed curious users to a series of fake Clubhouse web pages hosted in Russia. These pages prompted users to download what they thought was the latest version of Clubhouse for PC.

Once downloaded and installed, the app will begin signaling to the C & C (command and control) server. This allows an attacker to perform remote operations on the infected device after the malware is installed.

In some situations, Clubhouse is currently an iOS-only app and there is no official version yet to work on Android or Windows. Malware analysis sandbox VMRay testing has shown that a malicious app attempted to infect a computer with ransomware.

Stay away from fake ads

Fake malware-based cloning of existing apps and services isn’t a new trick in cybercrime playbooks, but using Facebook ads in the process of seducing people was alarming. Facebook has since removed ads, and sites that entice users to download fake Clubhouse apps have disappeared. However, the case reveals the fact that not all ads are reliable when online, even from sources such as Facebook.

It’s unclear how ads passed Facebook security checks at the first pace, but fortunately, the pages associated with them weren’t very appealing. A Facebook ad claims that Clubhouse is now available on PC and includes photos of co-founders Paul Davidson and Rohan Seth.

