By now, you must have heard of used the audio chat app, Clubhouse. And if you are a user already, you should already know that the app isn’t available for Android yet. However, a group of hackers is trying to exploit the app’s popularity by releasing malware disguised as its Android version.
It is true Clubhouse is working on an Android version of the app. But this won’t arrive for a few more months. Expect it to be released on the company’s official website and via the Google Play Store.
Antivirus provider ESET spotted the Trojan program shared by the hackers. It has been circulated via a fake Clubhouse website at “joinclubhouse[.]mobi”. The site itself looks identical to the real Clubhouse website, but it claims to offer an Android version of the app from the Google Play Store. When you download it, the Trojanized program will attempt to steal your logins from 458 online services, including social media platforms, cryptocurrency exchanges, and banking apps.
Although the fake website claims to offer the Clubhouse app from the Google Play Store, it’ll actually deliver the program via its own server—a notable red flag. Once installed, the Trojan will then try to steal passwords by generating a fake login window over the apps you open, such as Facebook, Twitter, or Netflix. The fake window will then record whatever you type, and ferry off your passwords to the hacker’s server.
“Using SMS-based two-factor authentication (2FA) to help prevent anyone from infiltrating your accounts wouldn’t necessarily help in this case, since the malware can also intercept text messages. The malicious app also asks the victim to enable accessibility services, effectively allowing the criminals to take control of the device.”
[Source]