Researchers from ESET said a fake version of the audio chat app Clubhouse is being used by hackers to deliver malware and steal login credentials from 458 apps, including Amazon, Facebook, Twitter and WhatsApp, Threatpost reports. Currently, Clubhouse is only available on Apple's App Store and attackers are targeting Android users looking to try the app. "To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on 'Get it on Google Play', the app will be automatically downloaded onto the user's device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit, or APK for short," said researcher Lukas Stefanko. Social media or third-party websites could have aided the spread of the fraudulent website, which looks similar to the real Clubhouse website, Stefanko added. App credentials most likely targeted by the malware include those from cryptocurrency exchanges, financial and shopping apps, and social media and messaging apps.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
BleepingComputer reports that Android devices could have their data compromised and be eventually hijacked in attacks with the novel Brokewell banking trojan.
Attacks leveraging fraudulent job lures to distribute the new Kaolin RAT malware have been launched by North Korean hacking collective Lazarus Group against individuals across Asia last summer, reports The Hacker News.
Millions of devices could still be compromised by the abandoned PlugX USB worm with self-replicating functionality, with infections logged from almost 2.5 million IP addresses over a six-month period beginning September 2023, according to Ars Technica.