Clubhouse, the super-popular iOS mobile application is being used to fool Android users into exposing themselves to a dangerous malware…
Clubhouse, the audio-only social media platform has found huge success with the launch and adaptation of its iOS app. It’s so popular, the company is rushing to get an Android version out as quickly as possible. But, the absence of an Android counterpart presents an irresistible opportunity for nefarious characters. And, that’s precisely what’s happening with a bogus Clubhouse website.
Fake Clubhouse Trojan Program Disguised as an Android App on Malicious Site
The fraudulent site, found over at “joinclubhouse[.]mobi” is circulating the malicious app around the web. Of course, the counterfeit website looks just like the real Clubhouse site. However, one give-away to its in-authenticity is the fact that it offers an Android version of the app from the Google Play Store. But, downloading it the program unloads a Trojan that attempts to steal the victim’s login credentials from 458 online services, which include social media platforms, cryptocurrency exchanges, as well as banking apps.
The most obvious tell that it’s a fake is that Clubhouse hasn’t yet released an Android version of its app. That, and that it delivers the program via its own server—a huge and notable red flag.
Malicious web claiming to offer #Clubhouse for Android spreads banking trojan Blackrock. It lures credentials from 458 apps – financial, cryptocurrency exchanges & wallets, social, IM, and shopping apps. There is currently no official Clubhouse app for Android. #ESETresearch 1/2 pic.twitter.com/azlxjvIgNO
— ESET research (@ESETresearch) March 16, 2021