Cybercriminals have taken out a series of Facebook ads disguised as a clubhouse app for PC users to target unsuspecting victims with malicious software, TechCrunch has learned.
On Wednesday, TechCrunch was notified of Facebook ads linked to several Facebook pages that mimic Clubhouse, the drop-in audio chat app only available on iPhones. Clicking on the ad opens a fake clubhouse website, including a scornful screenshot of what the non-existent PC app looks like, with a download link to the malicious app.
When opened, the malicious app tries to communicate with a command and control server for instructions on what to do next. A sandbox analysis of malicious software showed that the malicious app was trying to infect the isolated computer with ransomware.
But overnight, the fake clubhouse websites ̵
It is not uncommon for cybercriminals to tailor malicious campaigns to counter the success of very popular apps. Clubhouse has reportedly topped more than 8 million global downloads to date despite an invitation-only launch. The high demand led to a struggle to redesign the app to build bootleg versions of it to avoid Clubhouse’s walled walls, but also public censorship where the app is blocked.
Each of the Facebook pages that mimicked Clubhouse had only a handful of likes, but were still active at the time of publication. When Facebook is reached, would not say how many account owners had clicked on the ads that pointed to the fake clubhouse sites.
At least nine ads were placed this week between Tuesday and Thursday. Several of the ads said that Clubhouse “is now available for PC”, while another contained a picture of co-founders Paul Davidson and Rohan Seth. The clubhouse did not return a request for comment.
The ads have been removed from Facebook’s Ad Library, but we have published a copy. It is also not clear how the ads initially did it through Facebook’s processes.