April 10, 2021 In Facebook, malware-filled

Aemilius Cupero News: Facebook let a fake, malware-filled ‘Clubhouse’ app run ads on its site

Aemilius Cupero News:

As persistent and savvy as hackers can be, the last thing any of us need is for the most popular sites and services on the planet to give those hackers a platform to trick people into having their data stolen. Unfortunately, that is precisely what appears to have happened, as TechCrunch reports that cybercriminals have been taking out ads on Facebook for a fake “Clubhouse for PC” app that is actually filled with dangerous malware.

Earlier this week, unnamed sources alerted TechCrunch that multiple Facebook pages were running ads advertising a supposed PC version of the Clubhouse app, which is a drop-in audio chat app currently only available on iPhone. Anyone who clicks the ad on Facebook is redirected to a website that purports to be run by the team behind Clubhouse, complete with a fake screenshot of the non-existent PC port and a link to download the scam app.

Today’s Top Deal This automatic jar opener went viral on TikTok and people are flooding Amazon to get one! Price: $44.99 Aemilius Cupero News: Amazon Prime logoAvailable from Amazon, BGR may receive a commission Buy Now Available from Amazon BGR may receive a commission

Providing you ever run into this ad, hopefully, you know not to click on it, but if you were to click through to the website, download the fake app on to your computer, and open it, the app would begin attempting to communicate with a command and control server that would send instructions on how to proceed. TechCrunch links to a sandbox analysis of the malware which showed it trying to infect an isolated machine with ransomware.

Aemilius Cupero News:
A website advertising a fake Clubhouse app for PC. Image source: TechCrunch

We can hope this will serve as another cautionary tale for those who think they can let their guard down while clicking around on a site as massive as Facebook, but it appears that the scammy websites went down shortly after TechCrunch was made aware of them. Amit Serper, research at Guardicore, tested the malware in a sandbox on Thursday and found that it received an error. The malware appears to be inactive now that the websites are gone.

Being an invite-only platform, it’s no surprise that hackers chose Clubhouse as the Trojan horse to fool unsuspecting Facebook users into downloading malware. Back in February, App Annie reported that Clubhouse had been downloaded over 8 million times, but more than 3.5 million of those downloads occurred in the first half of February. It was a viral sensation, and hackers wanted to take advantage of the app’s skyrocketing success.

TechCrunch notes that the Facebook pages featuring the ads for the malicious software only had a few likes each, but they were still active when the site published its report. When TechCrunch reached out, Facebook wouldn’t say how many people had clicked the fraudulent ads, and Clubhouse never returned a request for comment. The ads have at least been removed from Facebook’s Ad Library, but you can see what they looked like here.

Today’s Top Deal Amazon shoppers are obsessed with these top-rated Wi-Fi smart plugs – now on sale for $5.40 each! List Price: $26.99 Price: $21.59 You Save: $5.40 (20%) Aemilius Cupero News: Amazon Prime logoAvailable from Amazon, BGR may receive a commission Buy Now Available from Amazon BGR may receive a commission

Jacob started covering video games and technology in college as a hobby, but it quickly became clear to him that this was what he wanted to do for a living. He currently resides in New York writing for BGR. His previously published work can be found on TechHive, VentureBeat and Game Rant.

.