Android Trojan Posing As Clubhouse App

By   ISBuzz Team
Writer , Information Security Buzz | Mar 24, 2021 02:49 am PST

Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services, ESET malware researcher Lukas Stefanko has found.

Disguised as the (as yet non-existent) Android version of the invitation-only audio chat app, the malicious package is served from a website that has the look and feel of the genuine Clubhouse website. The trojan – nicknamed “BlackRock” by ThreatFabric and detected by ESET products as Android/TrojanDropper.Agent.HLR – can steal victims’ login data for no fewer than 458 online services.

The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms. For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the list.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
March 24, 2021 10:50 am

<p>Third party apps stores are rarely beneficial to the average user, as they can often do more damage than good. Before using an app for the first time, it is worth researching the app and the developers before it’s too late. When you are confident it is legitimate, it is vital that you fully understand the permissions you are giving away when installing these apps as this allows the developers to read data from your device. Malware has a habit of finding its way onto legitimate app stores, but they are easier to distinguish from as download numbers will usually be low and reviews, if any, may look slightly suspicious.</p> <p> </p> <p>It is always worth noting that you should always make sure all your apps are continually up to date, along with the phone’s operating system too</p>

Last edited 3 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x