Beware Android trojan posing as Clubhouse app – We Live Security
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication
Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users login information for a variety of online services, ESET malware researcher Lukas Stefanko has found.
Disguised as the (as yet non-existent) Android version of the invitation-only audio chat app, the malicious package is served from a website that has the look and feel of the genuine Clubhouse website. The trojan nicknamed BlackRock by ThreatFabric and detected by ESET products as Android/TrojanDropper.Agent.HLR can steal victims login data for no fewer than 458 online services.
The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms. For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the list.
The website looks like the real deal. To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on Get it on Google Play, the app will be automatically downloaded onto the users device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit, or APK for short, said Stefanko.
Even before tapping the button there are signs that something is amiss, such as the connection not being secure (HTTP instead of HTTPS) or that the site uses the .mobi top-level domain (TLD), rather than .com used by the legitimate app (see Figure 1). Another red flag should be that even though Clubhouse is indeed planning to launch the Android version of its app soon, the platform is at present still available only for iPhones.
Figure 1. Notice the difference in the URLs between the fraudulent (left) and legitimate (right) website
Once the victim is hoodwinked into downloading and installing BlackRock, the trojan tries to purloin their credentials using an overlay attack. In other words, whenever the user launches one of the targeted applications, the malware will create a data-stealing overlay of the application and request the user to log in. Instead of logging in, the user unwittingly hands over their credentials to the cybercriminals.
Using SMS-based two-factor authentication (2FA) to help prevent anyone from infiltrating your accounts wouldnt necessarily help in this case, since the malware can also intercept text messages. The malicious app also asks the victim to enable accessibility services, effectively allowing the criminals to take control of the device.
To be sure, there are other ways to spot the malicious decoy besides those shown in Figure 1. Stefanko points out that the name of the downloaded app Install, instead of Clubhouse should be an instant red flag. While this demonstrates that the malware creator was probably too lazy to disguise the downloaded app properly, it could also mean that we may discover even more sophisticated copycats in the future, he warned.
Figure 2. The installation prompt
This is perhaps also a good opportunity to brush up on mobile security best practices:
For a more thorough take on how to protect yourself against mobile security threats, head over to this article.
Read more from the original source:
Beware Android trojan posing as Clubhouse app - We Live Security
- Hive to launch Beeblade Nexus media control engine - Installation and AV Technology Europe - January 27th, 2025 [January 27th, 2025]
- Pakistan introduces law allowing government to block platforms, imprison users for spreading 'disinformat - The Times of India - January 27th, 2025 [January 27th, 2025]
- This little media control button is the gadget I can't live without - MSN - January 22nd, 2025 [January 22nd, 2025]
- Effective role of media is a must for tobacco control, experts say - bdnews24.com - January 22nd, 2025 [January 22nd, 2025]
- Effective media role vital for tobacco control: Experts - United News of Bangladesh - UNB - January 22nd, 2025 [January 22nd, 2025]
- How Government & Legacy Media CONTROL What We Think - iHeartRadio - January 9th, 2025 [January 9th, 2025]
- SNL kinda banned this 1998 'Schoolhouse Rock' parody warning about corporate media control - Upworthy - December 30th, 2024 [December 30th, 2024]
- Palestinian Authority: Jews Lied About Oct. 7 Because They Control the Media - Algemeiner - December 30th, 2024 [December 30th, 2024]
- NDCs control of major media houses gave them edge in 2024 polls Bawumia - Adomonline - December 22nd, 2024 [December 22nd, 2024]
- Hallmark Insights to Tackle the Debate on Social Media Management and Control in Organizations - PC Tech Magazine - December 14th, 2024 [December 14th, 2024]
- Rupert Murdochs bid to change familys trust over Fox News media empire control is rejected - Washington Times - December 10th, 2024 [December 10th, 2024]
- Rupert Murdoch loses battle to control succession to his media empire - The Guardian - December 10th, 2024 [December 10th, 2024]
- Journalist Abducted in Guinea Amid Military's Increasing Control Over Media - Oneindia - December 5th, 2024 [December 5th, 2024]
- Aleppo and Idlib Under Opposition Control, With Eyes on Hama - The Media Line - December 5th, 2024 [December 5th, 2024]
- Remilekun Dosumu takes the helm as Head of Media Buying & Control at PHD Nigeria - Marketing Edge - December 5th, 2024 [December 5th, 2024]
- Media reports US Republicans regaining control of House of Representatives - MENAFN.COM - November 14th, 2024 [November 14th, 2024]
- Social media misinformation is scaring women about birth control - STAT - November 5th, 2024 [November 5th, 2024]
- The (Lack Of) Science Behind Social Media Claims Of Weather Control - Forbes - October 14th, 2024 [October 14th, 2024]
- No, the government is not controlling the weather. "It's so stupid, it's got to stop," Biden says - CBS News - October 14th, 2024 [October 14th, 2024]
- Column: Media tries to control the narrative | Aiken Standard - The Post and Courier - October 12th, 2024 [October 12th, 2024]
- DoubleVerify To Introduce Pre-Screen Content Control On Meta, Strengthening Brand Safety, Suitability, Media Performance - Business - October 12th, 2024 [October 12th, 2024]
- Android Auto 13.0: Paving the way for enhanced media control - MSN - October 11th, 2024 [October 11th, 2024]
- Unveiling Android Auto 13.0: Paving the way for seamless media control - MSN - October 11th, 2024 [October 11th, 2024]
- How Trump consolidated control over his party and right-wing media in a cloud of confusion - CNN - October 4th, 2024 [October 4th, 2024]
- Israel aims to control the social media sphere by any means necessary, even through abduction - Middle East Monitor - October 3rd, 2024 [October 3rd, 2024]
- Media Throw Everything But the Facts Against Harriss Price Control Proposal - FAIR - September 28th, 2024 [September 28th, 2024]
- Control of Murdoch media empire at stake as hearing to proceed with mogul and children - ABC News - September 19th, 2024 [September 19th, 2024]
- Closed-door hearing in Nevada could decide control of the Murdoch media empire - PBS NewsHour - September 19th, 2024 [September 19th, 2024]
- A Second Trump Admin Means Giving Social Media Control Of The Presidency - Daily Kos - September 19th, 2024 [September 19th, 2024]
- Control of Murdoch media empire at stake as hearing to proceed with mogul and children - Beaumont Enterprise - September 19th, 2024 [September 19th, 2024]
- Control of the Murdoch media empire could be at stake - 9News - September 19th, 2024 [September 19th, 2024]
- TeleFico: How the Prime Minister Wants to Control the Media in Slovakia - The Journal - September 19th, 2024 [September 19th, 2024]
- The Growing Threat of Big Pharma, Big Tech, and Media Control Over America: A Warning Echoed from Eisenhower to Zuckerberg - MSN - September 6th, 2024 [September 6th, 2024]
- Pest Control Advisors Need to be on Social Media - AGInfo Ag Information Network - August 22nd, 2024 [August 22nd, 2024]
- Should parents control their teenagers' use of social media? - The National - August 22nd, 2024 [August 22nd, 2024]
- Parliamentary committee holds hearing on alleged gov't control of media - MSN - August 22nd, 2024 [August 22nd, 2024]
- NBC News host presses Gov. Whitmer on Harris' price control plan: Is it 'any more than a gimmick?' - Fox News - August 22nd, 2024 [August 22nd, 2024]
- "The situation is under control", as reported by the Russian media about the Ukrainian incursion - Vijesti.me - August 22nd, 2024 [August 22nd, 2024]
- The 6 Companies That Control The Media - MSN - August 16th, 2024 [August 16th, 2024]
- Hate speech and misinformation on social media are out of control heres what we should do about it - TNW - August 11th, 2024 [August 11th, 2024]
- Rupert Murdoch Wants Lachlan To Inherit Control Of Media Empire, Sparking Legal Battle With Other Children Report - Deadline - July 28th, 2024 [July 28th, 2024]
- Media has normalised Trump's bullying it's time to take control - Independent Australia - July 28th, 2024 [July 28th, 2024]
- Russian authorities to set control on social media accounts with over 1,000 followers - NEWS.am - July 15th, 2024 [July 15th, 2024]
- Lawrence O'Donnell Torches Media Over 'Out Of Control' White House Briefing - HuffPost - July 14th, 2024 [July 14th, 2024]
- Facebook and Instagram Update Ban List to Include Posts on Zionists Who Control the World - The Jewish Press - JewishPress.com - July 10th, 2024 [July 10th, 2024]
- HIV/AIDS in News: Time to Bridge the Gap between Media, HIV +ve Patient and State AIDS Control Society - Tripuratimes - July 10th, 2024 [July 10th, 2024]
- Social media is talking to teens about birth control, but do they know what they're talking about? - The Philadelphia Inquirer - June 30th, 2024 [June 30th, 2024]
- Smart Monkeys | partners with Hive Media Control - blooloop - June 16th, 2024 [June 16th, 2024]
- Slovakia's Fico plots to dismantle the free press - POLITICO Europe - May 15th, 2024 [May 15th, 2024]
- Liberia: Lack of Mass Media Control Denting Public Confidence in the Justice System - AllAfrica - Top Africa News - May 15th, 2024 [May 15th, 2024]
- Why Don't Media Care About The Man Who Killed Four Cops? - The Federalist - May 3rd, 2024 [May 3rd, 2024]
- Pedro Snchez threatens curbs on media amid corruption claims against wife - The Times - May 3rd, 2024 [May 3rd, 2024]
- This secret Android 15 feature could finally give you more media control with a Wear OS smartwatch - TechRadar - May 1st, 2024 [May 1st, 2024]
- New features in Microsoft Edge want to make you use the taskbar media controls more often - XDA Developers - May 1st, 2024 [May 1st, 2024]
- OPINION: Soviet-style control of art and media is not so foreign as you might think - Alaska Watchman - April 24th, 2024 [April 24th, 2024]
- The media is controlled and I'm out of control: Artist who smashed guitar at Coachella pulls out after backlash - Guitar World - April 24th, 2024 [April 24th, 2024]
- Social media will tell you birth control causes mental health issues, weight gain and infertility here are the facts - The Conversation - April 13th, 2024 [April 13th, 2024]
- Sports gambling has gotten out of control - The Philadelphia Inquirer - March 26th, 2024 [March 26th, 2024]
- On the Cover: Andrew Huberman's Mechanisms of Control - New York Magazine - March 26th, 2024 [March 26th, 2024]
- Montgomery County breaks ground on library, animal control facility - Main Street Media of Tennessee - March 26th, 2024 [March 26th, 2024]
- St John's College Cambridge now has control over the SJV choir's social media - The Tab - March 26th, 2024 [March 26th, 2024]
- "Media credibility lies solely within its own control, by being objective, not getting involved in politics": VP Dhankar - SahilOnline - March 26th, 2024 [March 26th, 2024]
- Prince William Learned a Hard Lesson About Social Media Controlling the Royal Family Rumors - SheKnows - March 22nd, 2024 [March 22nd, 2024]
- This proposed bill would give Tennessee parents control over their child's social media accounts - News Channel 5 Nashville - January 31st, 2024 [January 31st, 2024]
- Why Is Shari Redstone, Ruler of a Vast Media Kingdom, Weighing a Sale? - The New York Times - December 25th, 2023 [December 25th, 2023]
- Poland's President Duda Vetoes 2024 Bill Over Media Control - BNN Breaking - December 25th, 2023 [December 25th, 2023]
- Israeli media failed to manipulate truth this time, says media union head | News - Yeni afak English - December 17th, 2023 [December 17th, 2023]
- Public Employees: "They Control Everything We Say on Social Media" - Confidencial - December 12th, 2023 [December 12th, 2023]
- The Vicious Cycle of Rumor in China - China Media Project - December 12th, 2023 [December 12th, 2023]
- Godrej announces launch of advanced pest control in India - FoodBev.com - November 3rd, 2023 [November 3rd, 2023]
- Xbox is about to get better apps and web games - The Verge - November 3rd, 2023 [November 3rd, 2023]
- Eve Pappas Honored as Decorated Business Women in New Jersey - PCT Online - November 3rd, 2023 [November 3rd, 2023]
- CDC's National Institute for Occupational Safety and Health ... - CDC - November 3rd, 2023 [November 3rd, 2023]
- 23-052 USACE to rehabilitate and improve Russel Creek Canal - nww.usace.army.mil - November 3rd, 2023 [November 3rd, 2023]
- Control RH to Improve Product Quality - Quality Assurance & Food Safety - November 3rd, 2023 [November 3rd, 2023]
- What the end of Japan's yield curve control experiment means for ... - Financial Times - November 3rd, 2023 [November 3rd, 2023]
- CBP officers seize $3.5M in cocaine at Colombia-Solidarity Bridge - Customs and Border Protection - November 3rd, 2023 [November 3rd, 2023]
- BLM planning prescribed burns - Bureau of Land Management - November 3rd, 2023 [November 3rd, 2023]
- The AMA welcomes bill to tighten tobacco and vaping laws - Australian Medical Association - November 3rd, 2023 [November 3rd, 2023]
- News Room: City of Red Deer announces pilot snow and ice control ... - The City of Red Deer - November 3rd, 2023 [November 3rd, 2023]