The use of an Apps called clubhouse has increase a lot in recent years with its utmost popularity across the world. The audio-only app has recorded over 13 million downloads so far.
Recently, a concern came in forward about stealing of data by the aforesaid Apps. This is because a fake Clubhouse Android apps garnered which actually a password-stealing malware. The fake Clubhouse app is delivered by a fraudulent Clubhouse website that looks exactly like the official site, according to anti-malware ESET.
It is a matter of concern as it carries Blackrock malware which can gain illegal access to WhatsApp, Facebook etc.
There are only two differences: The ".com" in "joinclubhouse.com" is replaced by a different domain suffix, and the official Apple button to "Download on the App Store" is replaced by one that looks like the real Google app button, which reads "Get it on Google Play." The website which carries the link “Get it on Google Play” when tapped; the app gets downloaded on the phone automatically. So instead of redirecting to the Google Play Store first, the website directly installs the app on the phone, which is surely not a way of downloading an application on phone. This is a clear indication that the app is fake. Another thing is that the link does not have a secure connection. The site uses Mobi instead of .com.
To prevent the fraud by this fake Clubhouse app, one has to make sure that only Google Play can install or update software on the Android device. Go into Settings > Apps & Notifications > Special App Access > Install unknown apps and make sure no apps have this ability.
This is not the end once the malware gets downloaded on your phone, it can steal your login data for over 458 online services. These includes popular shopping, streaming, and financial apps along with social media apps. To name a few, the malware can collect your login data for Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, and more.