July 5, 2013 11:50 am
Updated: July 5, 2013 11:58 am

Hacktivists target Jay-Z’s Magna Carta Holy Grail app with malware

The malware, which attempts to download and install additional packages on the users device, only become visible to the user via a time-based trigger set to activate on the U.S.’s July 4th holiday.

Photo courtesy of McAfee Mobile Security
A A

TORONTO – Jay-Z is going to have to add ‘hacktivist’ to his list of 99 problems.

The rapper released his 12th studio album Thursday via an exclusive Android app for a limited number of Samsung devices – but hackers reportedly released a fake app that contained malware.

According to McAfee Mobile Security, which spotted the malware, the Android Trojan virus is hidden in a pirated copy of the Magna Carta Holy Grail app.

Story continues below

McAfee noted that the hackers likely targeted the app due to it’s demand on pirated sites – where users would have downloaded this infected version.

“On the surface, the malware app functions identically to the legit app,” read a blog post from McAfee’s Irfan Asrar.

“But in the in the background, the malware sends info about the infected device to an external server every time the phone restarts.”

The malware, which attempts to download and install additional packages on the device, only becomes visible to the user via a time-based trigger set to activate on the U.S.’s July 4th holiday.

Once triggered, the malware changes the infected phone’s wallpaper to display an image of President Barack Obama that reads, “Yes we scan” and “We are watching you” – a political message in response to the recent scandal over the National Security Agency’s (NSA) PRISM Internet surveillance program.

Read More: What is PRISM? A cyber-surveillance explainer

Due to the malware’s political message, McAfee suggests the infection was released by ‘hacktivists.’

McAfee believes the mobile virus is fairly new noting, “Based on the political message and the fact that it was embedded in an app that coincides with the release of Jay Z’s latest album, we suspect the Trojan was recently introduced into the wild.”

The security company cautions that user’s financial transactions and other data may have been compromised by the Trojan.

Jay-Z’s app-based album release has been undoubtedly successful – over half a million copies have been downloaded from the Google Play store.

But, this pirated app marks yet another blunder for the project.

Anxious fans who tried to download the app just after the stroke of midnight Thursday reported that they couldn’t use the app because it was frozen. Many reports suggested that it took well over two hours for the app to start working so users could listen to the highly-anticipated album.

The app also came under fire for its terms of service, some complaining that the app requested to access too much information from users.

Atlanta-based Rapper Killer Mike even tweeted a screenshot of the app permissions page, which showed access requests including, “full network access,” “approximate (network-based) location, precise (GPS) location” and “read phone status and identity.”

© 2013 Shaw Media

Report an error

Comments

Want to discuss? Please read our Commenting Policy first.