- Malware creators used Facebook ads showing Clubhouse for PC app to trick users in downloading a malicious app.
- These ads traced back to fake Clubhouse for PC Facebook pages.
- The fake website also has a link, which when downloaded, installs malware into the user’s computer.
Clubhouse, the immensely popular audio-only social app has seen many fake versions, mostly because of its popularity. Malware creators use fake Clubhouse app ads so that they can either get access to user's login details or install ransomware in user's phones. In the most recent case, malware creators used Facebook ads showing Clubhouse for PC app to trick users in downloading a malicious app.
As of now, Clubhouse is available for iOS users. It is also an invite-only app, which means that users cannot join an ongoing conversation unless they have a link for it, and when someone lets them in. Despite, the limited accessibility of the app, it is immensely popular and has seen around 13 million downloads from the year of its launch. It has also seen various apps bring out their own audio-only feature. Also, due to its limited accessibility, malware creators are conning Android and Windows users with Facebook ads.
According to an online report, the fake Clubhouse for PC ads is traced back to Facebook pages that try to impersonate Clubhouse. Once users click on these ads, they are taken to a fake website of Clubhouse, which shows a fake image of what the non-existent PC version looks like. This fake website also has a link, which when downloaded, installs malware into the user's computer.
TechCrunch, which first reported the malware noted that when users open the faulty app, it contacts a "command and control" server looking for directions from the user to perform the next task. According to the report, running the app inside a secure "sandbox" revealed that the app attempts to infect a computer with ransomware. Guardicore's Amit Serper, who tested the malware in a sandbox said the malware received an error from the server and did nothing more. The fake Clubhouse websites were hosted in Russia, and are now offline. As of now, the malware is not functional and the ads have been removed from Facebook's library.
The Facebook pages impersonation Clubhouse reportedly only had a few likes. At least nine fake Clubhouse for PC ads were placed between last Tuesday and Thursday. The ads featured photos of co-founders Paul Davidson and Rohan Seth. Last month, a fake app masquerading as Clubhouse on Android was used by malware creators to steal login information from a user's phone. The fake app looks identical to the original Clubhouse and can easily trick users to download it.