Jay-Z Android app cloned by hackers
- Published
Hackers have cloned the Android app of rapper Jay-Z and inserted messages criticising the US government.
The official app is being used by the rapper as a way to promote his latest album - Magna Carta Holy Grail.
Cloned versions of the app available via unofficial sites contain code that unlocked anti-Obama messages on 4 July.
The attack is believed to be part of protests against US government surveillance programs revealed this month.
Security firm McAfee discovered the app on third-party Android app sites. In a blogpost, external, McAfee researcher Irfan Asrar said the program initially appeared to do everything that the official app did.
However, he wrote, code added to the cloned version copied and sent information to a command-and-control server every time the phone was re-started. Once it made contact, the app tried to download extra code that included the anti-government images and messages.
A timer in this extra code waited for 4 July and then changed the app's wallpaper from pictures of album artwork and Jay-Z to that of President Obama wearing headphones. Above his image were the words "Yes we scan"- believed to be a reference to the NSA's extensive Prism scanning system. It is also plays on the slogan that President Obama campaigned under "Yes, we can."
"The image and the service name NSAListener suggest a hacktivist agenda," wrote Mr Asrar, "but we haven't ruled out the possibility that additional malware may target financial transactions or other data."
To avoid falling victim to this and other mobile threats, users should avoid downloading apps from unofficial sources and ensure security software is kept up to date, he added.
- Published4 July 2013
- Published7 March 2013