Malware Uses Fake Jay-Z App to Highlight NSA Spying on Independence Day.
To celebrate his new album - Magna Carta Holy Grail - Jay-Z and Samsung signed a multi-million pound deal to allow one million Samsung Galaxy smartphone owners to download a copy of the album three days ahead of its official release.
However hacktivists have taken advantage of the deal by creating a pirate copy of the app which looks and acts exactly like the real one but has the potential to send sensitive information about the infected device to an external server every time the phone restarts.
The malware - called Android.AntiObscan - then attempts to download and install additional malware, all without the user noticing.
The only indication that the version of the app is fake will be triggered on 4 July, Independence Day in the United States. The malicious software has been coded so that on this date, the phone's wallpaper will be replaced with the one seen above right, hinting that hacktivists rather than cyber-criminals may be behind this app.
The wallpaper makes clear reference to the recent (http://www.ibtimes.co.uk/articles/476559/20130609/edward-snowden-revealed-nsa-prism-whistleblower.htm) leaks by whistleblower Edward Snowden about the NSA and its widespread covert spying on the US population.
The app was discovered by McAfee Mobile Security and in a (http://blogs.mcafee.com/consumer/android-malware-set-for-july-4-carries-political-message) blog post analyst Irfan Asrar said it was likely the app was created in the last couple of weeks:
"Based on the political message and the fact that it was embedded in an app that coincides with the release of Jay Z's latest album, we suspect the Trojan was recently introduced into the wild."
While the image, and the service name - NSAListener - suggest a hacktivist agenda, Asrar says the company has "not ruled out the possibility that additional malware may target financial transactions or other data."
Mobile malware is growing at an exponential rate and almost all of it is targeting the Android platform, because it is the most popular platform in the world but also because it is seen as less secure than iOS, Windows Phone or BlackBerry.
As Asrar puts it: "To paraphrase lyrics from Jay Z, it seems Android malware has 99 problems and Android.AntiObscan just became another."
While the official app is available on Google Play, this pirated copy is available elsewhere on the web, and will be attractive to those looking to download pirated copies of Jay-Z's album (http://www.mtv.co.uk/news/jay-z/385452-jay-z-magna-carta-holy-grail-leak) which have already leaked online .
|Printer friendly Cite/link Email Feedback|
|Publication:||International Business Times - US ed.|
|Date:||Jul 4, 2013|
|Previous Article:||Wales: Wartime Diseases of Scurvy and Rickets Make Comeback in Children.|
|Next Article:||Tottenham Facing Competition In Race To Sign Brazilian Striker.|