Hackers can infiltrate into your devices via Clubhouse

Clubhouse works with a Shanghai-based company to provide real-time audio technology support

Hackers can infiltrate into your devices via Clubhouse

Photo for representational purpose only. Reuters file

New Delhi, February 19

As invite-only audio conversation app Clubhouse gains popularity, cyber security experts warned on Friday that hackers can distribute malicious code under the guise of fake applications to join the platform.

There are privacy concerns because Clubhouse works with a Shanghai-based company called Agora to provide real-time audio technology support. The firm is headquartered in Shanghai and Silicon Valley.

Denis Legezo, security expert at cyber-security firm Kaspersky, said that there are two main concerns here -- the sale of invites and fake applications.

"Both scenarios are united by one thing -- the desire to exploit users' interest in the social platform," he said in a statement.

The first scenario is simply monetisation on a small scale. "However, the second scenario is more serious. Attackers can distribute malicious code under the guise of popular software - for instance, a fake version of Clubhouse for Android," Legezo emphasised.

"A fake malicious application can do exactly what you allow it to do in the security settings of your Android -- to get a rough or accurate location of the device, record audio and video, attain access to messengers, etc.," he warned.

Melissa Chan, a Hong Kong-American broadcast journalist, gave a talk on Clubhouse on February 4 about Beijing's overseas influence campaigns.

According to The Star, she found out that "the conversation was surreptitiously recorded by individuals who sympathized with Chinese Communist Party actions".

"The security repercussions could be as benign as nothing happening to users, to police in their country detaining a Clubhouse user because of something they said. Even if absolutely nothing happens to a user living in an authoritarian country, keep in mind that that person lives with the uncertainty of not knowing if something might happen in the future," Chan was quoted as saying in the report.

Some more unusual tricks are also possible on Clubhouse.

"For instance, if attackers implement the capacity to record audio, and this function is allowed on the device, they would be able to use high quality recordings to train their machine algorithms, to create more sophisticated deep fakes," Legezo commented.

In an interview with the South China Morning Post, Agora has said it does not "store any end-user data".

In its last blog post late last month, Clubhouse which has seen over 8 million users on Apple devices, said user safety has always been a top priority for them.

"This means scaling up our Trust & Safety and Support teams as we grow, continuing to invest in advanced tools to detect and prevent abuse, and increasing the features and training resources available to moderators," it said. — IANS

Tribune Shorts

Top Stories

Rs 50,000 compensation to be paid to families of Covid-19 victims from SDRF, Centre tells SC

Rs 50,000 compensation to be paid to families of Covid-19 victims from SDRF, Centre tells SC

Kin of those who died of Covid will have to apply for compen...

UK approves Covishield, but yet to accept Cowin certificates

UK approves Covishield, but yet to accept Cowin certificates

Certain assurances have been given on resolving the issue: F...

PM Modi bats for mutual recognition of vaccine certificates amid UK row

PM Modi bats for mutual recognition of vaccine certificates amid UK row

Promises resumption of vax export, says supply chains for va...

Ready to make any sacrifice to stop Navjot Sidhu becoming CM: Capt Amarinder

Ready to make any sacrifice to stop Navjot Sidhu becoming CM: Capt Amarinder

Will pit a strong candidate against PPCC president in 2022 A...

Women’s entry into NDA can’t be deferred by a year, says Supreme Court

Women’s entry into NDA can’t be deferred by a year, says Supreme Court

Says no to Centre’s request to allow women in NDA exam from ...

Cities

View All