Published On: Fri, Apr 9th, 2021

Facebook ran ads for a feign ‘Clubhouse for PC’ app planted with malware

Cybercriminals have taken out a series of Facebook ads masquerading as a Clubhouse app for PC users in sequence to aim gullible victims with malware, TechCrunch has learned.

TechCrunch was alerted Wednesday to Facebook ads tied to several Facebook pages impersonating Clubhouse, a drop-in audio discuss app usually accessible on iPhones. Clicking on a ad would open a feign Clubhouse website, including a mocked-up screenshot of what a self-existent PC app looks like, with a download couple to a antagonistic app.

When opened, a antagonistic app tries to promulgate with a authority and control server to obtain instructions on what to do next. One sandbox research of a malware showed a antagonistic app attempted to taint a private appurtenance with ransomware.

But overnight, a feign Clubhouse websites — that were hosted in Russia — went offline. In doing so, a malware also stopped working. Guardicore’s Amit Serper, who tested a malware in a sandbox on Thursday, pronounced a malware perceived an blunder from a server and did zero more.

The feign website was set adult to demeanour like Clubhouse’s genuine website, though featuring a antagonistic PC app. (Image: TechCrunch)

It’s not odd for cybercriminals to tailor their malware campaigns to piggyback off a successes of extravagantly renouned apps. Clubhouse reportedly surfaced some-more than 8 million tellurian downloads to date notwithstanding an invite-only launch. That high direct stirred a hasten to reverse-engineer a app to build illicit versions of it to hedge Clubhouse’s gated walls, though also supervision censors where a app is blocked.

A new Android spyware masquerades as a ‘system update’

Each of a Facebook pages impersonating Clubhouse usually had a handful of likes, though were still active during a time of publication. When reached, Facebook wouldn’t contend how many criticism owners had clicked on a ads indicating to a feign Clubhouse websites.

At slightest 9 ads were placed this week between Tuesday and Thursday. Several of a ads pronounced Clubhouse “is now accessible for PC,” while another featured a print of co-founders Paul Davidson and Rohan Seth. Clubhouse did not lapse a ask for comment.

The ads have been private from Facebook’s Ad Library, though we have published a copy. It’s also not transparent how a ads done it by Facebook’s processes in a initial place.

Why ‘blaming a intern’ won’t save startups from cybersecurity liability


About the Author