Clubhouse for PC isn’t a thing - that download is actually malware

Fraudulent Facebook ad campaign stayed up for several days, but don’t be fooled

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Threat actors have reportedly posted Facebook ads for amalware-laden download that pretended to be aClubhouseapp for Windows.

Cybercriminals often piggyback on the popularity of successful apps to lure innocent users to download infected clones - and with millions ofdownloadsalready, the invite-only audio-chat ClubhouseiPhone applent itself nicely to the scammers.

Ads that promised to overcome Clubhouse’s two limitations (invite- and iPhone-only) shouldn’t have passed Facebook’s security checks, but somehow did, and had a free run on the platform, directing innocent users to several Facebook pages impersonating Clubhouse.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

Fake ads

According to reports, at least nine different ads for the fraudulent non-existent app were placed this week between Tuesday and Thursday.

When clicked, the ad would lead to a fake Clubhouse website, which even included a mock up of the Clubhouse PC app along with a download link to a tained executable.

Security researchers have examined the executable and reveal that when run it phones a command and control (C2) server to obtain instructions on how to infect the computer. At least in one reported instance, the executable tried to infect the researcher’s sandboxed machine with ransomware.

However, it appears that the C2 server, and the fake Clubhouse websites, which were hosted in Russia, have gone offline.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

WhenTechCrunchcontacted Facebook about the ads that have now been removed from the platform, the social network refused to share the number of its users that had clicked on the ads pointing to the fake Clubhousewebsites.

The fake facebook ads campaign comes on the heels of revelations that cybercriminalsbroke through Google Play Store’s protectionsto list a malware-like fake Netflix application on the platform.

It’s worrying to see cybercriminals able to bypass security checks and protocols of established platforms, such as Facebook andGoogle, and the tech giants will have to up the ante in order to prevent further misuse.

Via:TechCrunch

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time