Jay-Z's Magna Carta Holy Grail targeted by fake app

Hacktivists create a fake version of the app for new Jay-Z album Magna Carta Holy Grail to comment on government surveillance.

Richard Trenholm Former Movie and TV Senior Editor

Richard Trenholm was CNET's film and TV editor, covering the big screen, small screen and streaming. A member of the Film Critic's Circle, he's covered technology and culture from London's tech scene to Europe's refugee camps to the Sundance film festival.

Expertise Films, TV, Movies, Television, Technology

See full bio

Richard Trenholm

July 5, 2013 4:09 a.m. PT

Android phones have come under attack from malware masquerading as Jay-Z's Magna Carta Holy Grail, targeting rap fans looking to get the album on their Samsung Galaxy phone.

Spotted by McAfee Mobile Security, the Android Trojan is hidden in a dodgy copy of the app for Jay-Z's latest album, which was released early to selected owners of the Samsung Galaxy S4, Galaxy S3 and Note 2.

On the surface, the fake app is identical to the real thing. But in the background, the malware sends data to an external server every time the phone restarts, and attempts to download and install additional packages.

The malware contains a built-in timer that was set to activate on Independence Day, replacing your phone's wallpaper with a satirical image of President Obama and the tagline "Yes we scan," a reference to the current controversy surrounding government surveillance.

McAfee hasn't ruled out the possibility that the malware could target your data, but the purpose of the fake app seems to be to make a hacktivist point.

It's another reminder that Google Play, the Android app store, has an open door policy to apps. Google has software that checks apps, called Google Bouncer, but unlike the Apple App Store apps aren't approved before they go live. So remember folks, only download apps from trusted sources -- or you might end up with 99 problems.