Security News > 2021 > March > Bogus Android Clubhouse App Drops Credential-Swiping Malware
Researchers are warning of a fake version of the popular audio chat app Clubhouse, which delivers malware that steals login credentials for more than 450 apps.
As of now the app is only available on Apple's App Store mobile application marketplace - there's no Android version yet.
Cybercriminals are swooping in on Android users looking to download Clubhouse by creating their own fake Android version of the app.
To add a legitimacy to the scam, the fake app is delivered from a website purporting to be the real Clubhouse website - which "Looks like the real deal," said Lukas Stefanko, researcher with ESET. "To be frank, it is a well-executed copy of the legitimate Clubhouse website," said Stefanko on Friday.
In a commonly-used tactic by Android malware, the malicious app also asks the victim to enable accessibility services on the phone in order to grant itself permissions on the phone without the victim's knowledge.
While this malicious app is in no way affiliated with the legitimate Clubhouse app itself, researchers warn that more sham Clubhouse apps will appear in the future - particularly while the demand for a yet-to-be rolled out Android version continues.
News URL
https://threatpost.com/android-clubhouse-app-malware/164915/
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)