- Huge rush for admission in Siddaganga math school
- Twitter bans over 25 lakh accounts in India; Know why
- Elon Musk Reclaims Position as World’s Richest Person After Bernard Arnault’s Louis Vuitton Shares Drop
- 'Muslim League Is A Secular Party,' Says Rahul Gandhi
- Foxconn to start manufacturing iPhones in Bengaluru in April 2024
- Petrol and diesel prices today stable in Hyderabad, Delhi, Chennai and Mumbai on 02 June 2023
- ELCINA heartily welcomes MeitY’s revised initiative to Re-Open Scheme for investments in Semiconductors
- Google introduces new 'reading practice' feature for play books
- President Draupadi Murmu and PM Modi extends Telangana formation day wishes
- Indian-Origin Teen Won US Spelling Bee 2023
Beware! This fake Clubhouse Android app has BlackRock malware
There is a fake Clubhouse Android app that contains the infamous BlackRock malware.
The Clubhouse is one of the most popular social apps. The invite-only audio, social app completed a year this week with 13 million downloads. The Clubhouse is currently available on iOS with an Android version in the works. A fake Clubhouse Android app has been discovered on the Google Play Store, and it actually contains the infamous BlackRock malware.
This malicious application can gain access to the login credentials of more than 450 applications and bypass SMS-based two-factor authentication, according to a report by ESET Irlenad researcher Lukas Stefanko. This app looks exactly like the original Clubhouse app, with the design and user interface possible to fool anyone who doesn't know. The app's website description is the same as the iOS version, with an option to "Get it on Google Play." Once you tap on that button, the app automatically downloads to your phone. This is the biggest indicator in and of itself, as it should have taken you to the Google Play Store from where you would download the app.
ESET notes that there are more indicators that it is a rogue application, and these include the site that uses HTTP instead of HTTPS and the domain name that ends in .mobi and not .com.
The application contains the BlackRock Trojan that is famous for stealing user credentials. Once the malware is installed on the mobile and any other susceptible applications are launched, it will use an overlay attack to steal the user's credentials. Some of the popular apps that can get hacked include Twitter, WhatsApp, Facebook, Amazon, and Netflix.
There is currently no Android version of the Clubhouse app. One is in the works, and when it launches, it will be available on the Google Play Store. Considering the popularity of Clubhouse or any new app, cloned apps that can be potentially dangerous often show up.