Audio-only app Clubhouse has become quite popular over the last few months and now cybercriminals are misusing the app’s name to spread malware to people’s computers. Attackers have been doing this by pushing out ads that urged Facebook users to download a ‘Clubhouse for PC’ app. As per a report by TechCrunch, this fake app is full of links to malware.
The report details how the Facebook ads first directed curious users to a series of fake Clubhouse web pages that were hosted in Russia. These pages encouraged users to download what they thought was the most recent version of Clubhouse for PC.
Once downloaded and installed, the app would begin signalling to a C&C (Command and Control) server. This allows attackers to remotely carry out operations on the infected device once the malware has been installed on it.
For some context, Clubhouse is currently an iOS-exclusive app and has no official version that works on Android or Windows yet. A malware analysis sandbox VMRay test showed that the malicious app tried to infect a computer with ransomware.
Stay clear of fake ads
While fake, malware-ridden clones of existing apps and services is not a new trick in the cybercrime playbook, the usage of Facebook ads in the process to lure people in was alarming. Facebook has since taken down the ads and the sites nudging users to download the fake Clubhouse app have also disapeared. However, the incident brings to light the fact that not all ads can be trusted when you’re online, even if they come from sources like Facebook.
While it is unclear how the ads made it through Facebook’s security checks in the first pace, fortunately, the pages associated with them did not have a lot of traction. The Facebook ads claimed that Clubhouse “is now available for PC” and also included a photo of co-founders Paul Davidson and Rohan Seth.