Android trojan posing as Clubhouse can steal data from 450 apps

Date:

Cybersecurity researchers on Friday discovered a malicious Android version of the invitation-only audio chat app Clubhouse that is served from a website that has the look and feel of the genuine website.

The Android trojan — nicknamed “BlackRock” by ThreatFabric and detected by Slovak internet security firm ESET — can steal victims’ login credentials for more than 450 apps and bypass SMS-based two-factor authentication.

For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA, and Lloyds Bank are all on the list.

“Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services,” said ESET malware researcher Lukas Stefanko.

The target list includes well-known financial and shopping apps, cryptocurrency exchanges, as well as social media and messaging platforms.

The clubhouse was yet to react to the report.

The app is currently available on Apple App Store and has been downloaded more than 8 million times. Its Android version is set to arrive soon as the company is working on it.

“To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on ‘Get it on Google Play, the app will be automatically downloaded onto the user’s device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit or APK for short,” Stefanko explained.

Once the victim is hoodwinked into downloading and installing “BlackRock”, the trojan tries to purloin their credentials using an overlay attack.

In other words, whenever the user launches one of the targeted applications, the malware will create a data-stealing overlay of the application and request the user to log in. Instead of logging in, the user unwittingly hands over their credentials to the cybercriminals.

The malicious app also asks the victim to enable accessibility services, effectively allowing the criminals to take control of the device, the researcher noted.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

spot_img

Popular

More like this
Related

“‘Pottel’ Now Streaming on OTT!”

The movie ‘Pottel’, which brought a unique storyline to...

“‘We’re Coming for Sankranthi’ Receives Huge Response on Book My Show!”

Star hero Victory Venkatesh's latest movie ‘Sankranthiki Vastunnam’ has...

“Zebra” Now Streaming on OTT – Watch It Today!

Versatile actor Satyadev is undoubtedly one of the standout...

Jakkanna’s Unstoppable Trend: What’s the Secret?

It's been two and a half years since Rajamouli's...