Cybercriminals have used a number of Facebook ads posing as a Clubhouse app for PC users to target unsuspecting victims with malware, TechCrunch has learned.
TechCrunch was alerted Wednesday to Facebook ads linked to multiple Facebook pages impersonating Clubhouse, a drop-in audio chat app available on the iPhone. Clicking on the ad opens the fake Clubhouse website, which includes a mock-up of a PC app that doesn’t exist, with download links to malicious apps.
Once opened, the malicious app attempts to communicate with a command and control server to receive instructions on what to do next. A sandboxed malware analysis showed that the malicious app tried to infect the device with ransomware.
But overnight, the fake Clubhouse website, hosted in Russia, went offline. In doing so, the malware stopped working as well. Guardicore’s Amit Serper, who tested the malware in a sandbox on Thursday, said the malware received a server error and did nothing more.
It is not uncommon for cybercriminals to tailor their malware campaigns to the success of a very popular app. Clubhouse has been reported to have had more than 8 million downloads worldwide to date, despite its recent invite-only release. That high demand has created a scramble to reverse engineer the app and build bootleg versions that bypass Clubhouse’s gated walls, and also government censorship in places where the app has been blocked.
Each Facebook page pretending to be Clubhouse has only a handful of likes, but the pages remained active at the time of publication. When reached, Facebook would not say how many account owners had clicked on the ads pointing to the fake Clubhouse website.
At least nine ads were placed this week, between Tuesday and Thursday. Several ads said Clubhouse was “available for PC”, while another featured a picture of co-founders Paul Davison and Rohan Seth. Clubhouse did not return requests for comment.
The ads have been removed from the Facebook Ad Library, but we have published a copy. It is not clear how the ads made it through Facebook’s processes in the first place.