Tapping the ad will open a fake Clubhouse for PC website. A link is included that, when typed, will download malware onto the victim’s device. The malicious app asks a Command and Control (C&C) server for instructions on what to do next.
Fake Clubhouse for PCF ad trick victims into installing malware-laden software
Some victims’ devices were loaded with ransomware, which demanded money from the owner of the infected device so that their device could function again. The fake clubhouse websites were hosted in Russia. Facebook wouldn’t say how many clicks the fake ads received, but it was found that there were nine ads running on Facebook from Tuesday through Thursday last week.
The fake ads attempted to seduce Facebook users by saying that Clubhouse “is now available for the PC,” along with a photo of co-founders Paul Davison and Rohan Seth. The ads have since been removed from Facebook’s ad library. For the security of your devices, remember that Clubhouse is currently only available for iOS.