Clubhouse for PC isn't a thing - that download is actually malware
Fraudulent Facebook ad campaign stayed up for several days, but don't be fooled
Threat actors have reportedly posted Facebook ads for a malware-laden download that pretended to be a Clubhouse app for Windows.
Cybercriminals often piggyback on the popularity of successful apps to lure innocent users to download infected clones - and with millions of downloads already, the invite-only audio-chat Clubhouse iPhone app lent itself nicely to the scammers.
Ads that promised to overcome Clubhouse’s two limitations (invite- and iPhone-only) shouldn’t have passed Facebook’s security checks, but somehow did, and had a free run on the platform, directing innocent users to several Facebook pages impersonating Clubhouse.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
- We've put together a list of the best endpoint protection software
- These are the best identity theft protection tools
- Here’s are list of the best Clubhouse alternatives for Android
Fake ads
According to reports, at least nine different ads for the fraudulent non-existent app were placed this week between Tuesday and Thursday.
When clicked, the ad would lead to a fake Clubhouse website, which even included a mock up of the Clubhouse PC app along with a download link to a tained executable.
Security researchers have examined the executable and reveal that when run it phones a command and control (C2) server to obtain instructions on how to infect the computer. At least in one reported instance, the executable tried to infect the researcher’s sandboxed machine with ransomware.
However, it appears that the C2 server, and the fake Clubhouse websites, which were hosted in Russia, have gone offline.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
When TechCrunch contacted Facebook about the ads that have now been removed from the platform, the social network refused to share the number of its users that had clicked on the ads pointing to the fake Clubhouse websites.
The fake facebook ads campaign comes on the heels of revelations that cybercriminals broke through Google Play Store’s protections to list a malware-like fake Netflix application on the platform.
It’s worrying to see cybercriminals able to bypass security checks and protocols of established platforms, such as Facebook and Google, and the tech giants will have to up the ante in order to prevent further misuse.
- Protect your devices with these best antivirus software
Via: TechCrunch
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.