New Delhi, March 19 (SocialNews.XYZ) Cyber security researchers on Friday discovered a malicious Android version of the invitation-only audio chat app Clubhouse that is served from a website that has the look and feel of the genuine website.
The Android trojan -- nicknamed "BlackRock" by ThreatFabric and detected by Slovak internet security firm ESET -- can steal victims' login credentials for more than 450 apps and bypass SMS-based two-factor authentication.
For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the list.
"Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users' login information for a variety of online services," said ESET malware researcher Lukas Stefanko.
The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms.
Clubhouse was yet to react to the report.
The app is currently available on Apple App Store and has been downloaded more than 8 million times. Its Android version is set to arrive soon as the company is working on it.
"To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on 'Get it on Google Play', the app will be automatically downloaded onto the user's device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit, or APK for short," Stefanko explained.
Once the victim is hoodwinked into downloading and installing "BlackRock", the trojan tries to purloin their credentials using an overlay attack.
In other words, whenever the user launches one of the targeted applications, the malware will create a data-stealing overlay of the application and request the user to log in. Instead of logging in, the user unwittingly hands over their credentials to the cybercriminals.
The malicious app also asks the victim to enable accessibility services, effectively allowing the criminals to take control of the device, the researcher noted.
Source: IANS
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz
This website uses cookies.