Fake ads for a non existent version of Clubhouse spread malware to victoms
Fake ads for a non existent version of Clubhouse spread malware to victoms


Possibly because an Android version of the app is months away, some bad actors tricked Android users into installing malware-laden fake versions of a nonexistent Clubhouse for Android app. And now TechCrunch reports that cybercriminals posted ads on Facebook for fake versions of a Clubhouse for PC variant that is not only not real, but also full of malware.
The only platform with a legitimate version of Clubhouse is iOS. The audio-only chat room has become a very popular hang-up place, but users need an invitation to join. Currently, you can only download the app from the App Store. The Facebook ads connect to pages on the social media website that pretend to be a clubhouse.

Tapping the ad will open a fake Clubhouse for PC website. A link is included that, when typed, will download malware onto the victim’s device. The malicious app asks a Command and Control (C&C) server for instructions on what to do next.

Some victims’ devices were loaded with ransomware, which demanded money from the owner of the infected device so that their device could function again. The fake clubhouse websites were hosted in Russia. Facebook wouldn’t say how many clicks the fake ads received, but it was found that there were nine ads running on Facebook from Tuesday through Thursday last week.

The fake ads attempted to seduce Facebook users by saying that Clubhouse “is now available for the PC,” along with a photo of co-founders Paul Davison and Rohan Seth. The ads have since been removed from Facebook’s ad library. For the security of your devices, remember that Clubhouse is currently only available for iOS.

LEAVE A REPLY

Please enter your comment!
Please enter your name here