Clubhouse, an invite-only app that recently became popular, is currently available only to iPhone users. Android users, however, have to wait for a bit as currently, it is in the phase of being developed.
Ahead of any formal launch, the Google Play Store is being flooded with clone apps of Clubhouse.
According to a report by WeLiveSecurity, “cybercriminals are trying to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services”
The report details the malicious package — that comes with a trojan nicknamed “BlackRock” by ThreatFabric — is served from a website that has the look and feel of the authentic app.
“The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms. For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the list,” said the report.
Once the victim is looped into downloading and installing BlackRock, the trojan tries to steal their credentials using an overlay attack.
“In other words, whenever the user launches one of the targeted applications, the malware will create a data-stealing overlay of the application and request the user to log in. Instead of logging in, the user unwittingly hands over their credentials to the cybercriminals,” explained the report.
For those users who feel that having SMS-based two-factor authentication (2FA) will be able to bypass the threat, the report claims that the malware can also intercept text messages.
Further, the malicious app also asks the victim to enable accessibility services, which means that it effectively enables the criminals to take control of the device of the user.
One giveaway that you may be looking at a fake app is that once the user clicks on ‘Get it on Google Play’, the app automatically starts downloading. Whereas if it were a genuine app, it would redirect a user to the Google Play listing.
Source: Click Here