Researchers from ESET said a fake version of the audio chat app Clubhouse is being used by hackers to deliver malware and steal login credentials from 458 apps, including Amazon, Facebook, Twitter and WhatsApp, Threatpost reports. Currently, Clubhouse is only available on Apple's App Store and attackers are targeting Android users looking to try the app. "To be frank, it is a well-executed copy of the legitimate Clubhouse website. However, once the user clicks on 'Get it on Google Play', the app will be automatically downloaded onto the user's device. By contrast, legitimate websites would always redirect the user to Google Play, rather than directly download an Android Package Kit, or APK for short," said researcher Lukas Stefanko. Social media or third-party websites could have aided the spread of the fraudulent website, which looks similar to the real Clubhouse website, Stefanko added. App credentials most likely targeted by the malware include those from cryptocurrency exchanges, financial and shopping apps, and social media and messaging apps.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She has 20 years of experience editing and reporting on technology, business and policy.
Cybersecurity and Infrastructure Security Agency Director Jen Easterly said that the agency's automated vulnerability warning program will be ready for full deployment by the end of the year, according to CyberScoop.
Organizations in the Americas, Europe, and Asia have been subjected to the ongoing FROZEN#SHADOW attack campaign that involved the distribution of the stealthy SSLoad malware alongside Cobalt Strike and ConnectWise ScreenConnect software to compromise networks, reports The Hacker News.
CyberScoop reports that over 100 Ukrainian local government and police documents uploaded to VirusTotal in February were discovered to have been infected with the OfflRouter malware, which dates back to 2015 and could only spread through already compromised files and removable media devices.