Cybercriminals have used several Facebook ads posing as a Clubhouse app for PC users to target unsuspecting victims with viruses. The ads were associated with several Facebook pages masquerading as Clubhouse, the drop-in audio chat app that is available only on iPhones.
When clicked, the ads open a fake Clubhouse website, which includes fake screenshots of what the app looks like on a PC along with a download link to the malicious app. The app tries to contact a command-and-control server to get instructions on what to do next. One sandbox analysis of the malware showed the malicious app attempting to infect the isolated machine with ransomware. However, the fake Clubhouse sites, which were hosted in Russia, went offline overnight, and the malware stopped working as a result. Guardicore's Amit Serper, who tested the malware, stated that it got an error from the server and did not do anything more.
Fake Website Set Up To Look Like Clubhouse's Real Website
The Facebook pages impersonating Clubhouse had only a few likes but were active at the time of publication. Facebook didn't say how many account owners had tapped on the ads leading to the fake Clubhouse sites. The ads were then removed from Facebook's Ad Library. It is still unclear how these ads got through Facebook's process in the first place.