If you are a techno-savvy person and like using different apps available on your smartphone, then here's something you really need to know or else you are at risk of being hacked.
We all know that the Clubhouse app - an invitation-only audio-chat iPhone app launched in April 2020, is increasingly getting popular across the globe. In less than a year's time, the app has garnered over 13 million downloads so far.
However, now a fake app in the disguise of Clubhouse is installing harmful malware on the user's phone. Since it looks identical to the original Clubhouse app, users often get tricked and they download it without a doubt in their minds.
Available on the Google Play Store, this fake Clubhouse app actually contains the infamous BlackRock malware. This malicious app can get access to login credentials from more than 450 apps, and also bypass SMS-based two-factor authentication, according to a report by Ireland-based ESET researcher Lukas Stefanko.
How the fake Clubhouse app works
This app looks exactly like the original Clubhouse app with the design and UI possible to fool anyone.
The app's website description is the same as the iOS version with an option to 'Get it on Google Play'.
Once you tap on that button, the app automatically downloads on your phone.
This is the biggest indicator itself as it should have actually taken you to the Google Play Store from where you would download the app.
The app carries Blackrock malware which can gain illegal access to your WhatsApp, Facebook and other important apps.
Some of the popular apps that can be hacked include Twitter, WhatsApp, Facebook, Amazon, and Netflix.
The malware is delivered to your phone through a website and not Google Play Store.
Interestingly, the app is only available for iPhone users so there is no question of it being on the Google Play Store.
There's currently no Android version of the Clubhouse app.
There is one in the works, and when it’s launched it will be available on the Google Play Store.
The cybercriminals have copied the iOS app's website description of the original Clubhouse to make it look authentic.
The bogus app site uses HTTP instead of HTTPS, and also the domain name ends in .mobi and not .com.
