Clubhouse for PC isn't a thing - that download is actually malware

News
By
published

Fraudulent Facebook ad campaign stayed up for several days, but don't be fooled

Facebook
(Image credit: Shutterstock)

Threat actors have reportedly posted Facebook ads for a malware-laden download that pretended to be a Clubhouse app for Windows.

Cybercriminals often piggyback on the popularity of successful apps to lure innocent users to download infected clones - and with millions of downloads already, the invite-only audio-chat Clubhouse iPhone app lent itself nicely to the scammers. 

Ads that promised to overcome Clubhouse’s two limitations (invite- and iPhone-only) shouldn’t have passed Facebook’s security checks, but somehow did, and had a free run on the platform, directing innocent users to several Facebook pages impersonating Clubhouse.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Fake ads

According to reports, at least nine different ads for the fraudulent non-existent app were placed this week between Tuesday and Thursday. 

When clicked, the ad would lead to a fake Clubhouse website, which even included a mock up of the Clubhouse PC app along with a download link to a tained executable.

Security researchers have examined the executable and reveal that when run it phones a command and control (C2) server to obtain instructions on how to infect the computer. At least in one reported instance, the executable tried to infect the researcher’s sandboxed machine with ransomware.

However, it appears that the C2 server, and the fake Clubhouse websites, which were hosted in Russia, have gone offline.

When TechCrunch contacted Facebook about the ads that have now been removed from the platform, the social network refused to share the number of its users that had clicked on the ads pointing to the fake Clubhouse websites.

The fake facebook ads campaign comes on the heels of revelations that cybercriminals broke through Google Play Store’s protections to list a malware-like fake Netflix application on the platform. 

It’s worrying to see cybercriminals able to bypass security checks and protocols of established platforms, such as Facebook and Google, and the tech giants will have to up the ante in order to prevent further misuse.

Via: TechCrunch

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
A padlock resting on a keyboard.
Understanding and avoiding malvertizing attacks
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Mac users targeted with new malware, so be on your guard
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Fake Reddit sites found pushing Lumma Stealer malware
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Red padlock open on electric circuits network dark red background
CrowdStrike warns of fake job offer scam that is actually just malware
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
Latest in Security
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Latest in News
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up
Hospital
Major Oracle outage hits US Federal health record systems
Samsung Galaxy A56 display
Samsung’s new budget handsets are getting One UI 7 before the Galaxy S24 Ultra, and I’m as confused as you are
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Sam Porter cradles a baby
Death Stranding 2: On the Beach trailer confirms June release date and an even more harrowing post-apocalyptic world
The Ray-Ban Meta Coperni smart glasses
The new Ray-Ban Meta smart glasses design is an expensive disappointment
More about security
How to prevent cyberattacks

NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps

Agentic AI has “profound” issues with security and privacy, Signal President says
Bluetooth

Top Bluetooth chip security flaw could put a billion devices at risk worldwide
See more latest
Most Popular
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Michelle and Kid Cosmo watching a video projected onto a screen in Netflix&#039;s The Electric State movie
'We could not achieve that with puppetry or animatronics': Joe and Anthony Russo didn't want to build real-life robots for The Electric State for two big reasons
Workers at computers in an office
Cybersecurity workers aren't massively happy with their employers - but they are being paid pretty well
Nvidia logo on a dark background
Nvidia's GeForce graphics driver woes continue for some users, despite 572.75 hotfix's overclock and black screen promises
Garmin Fenix 8 AMOLED watch on wrist
Garmin owners were confused about 13.35 software update for Fenix 8, here's what actually happened
An AI face in profile against a digital background.
Worried about DeepSeek? Well, Google Gemini collects even more of your personal data
Samsung Galaxy A56 display
Samsung’s new budget handsets are getting One UI 7 before the Galaxy S24 Ultra, and I’m as confused as you are
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Chrome icon on Android
The US government still wants Google to sell off Chrome
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up