In order to promote his latest album, "Magna Carta ... Holy Grail," musician Jay-Z partnered with Samsung to release an app exclusively to Galaxy smartphone owners. Since the app gives folks the opportunity to download the new album for free before it's even officially released July 8, it's understandable that those without Galaxy smartphones want to get their hands on it as well.
This gave some sneaky hackers an opportunity to cause trouble.
"McAfee Mobile Security has identified a new Android Trojan embedded in a pirated copy of an exclusive app from rapper Jay-Z," Irfan Asrar, a researcher for McAfee, writes in a post on the security software maker's blog.
While the malicious app looks and functions just like the legitimate app as far as a user might see, it quietly sends out information about the device it is installed on while also downloading and installing additional items.
"The only visible indication that a user is infected comes via a time-based trigger that [was] set to activate on July 4" Asrar explains. On that day, the wallpaper on devices which have downloaded the malicious version of the app was changed to an image of President Obama with a caption declaring "YES WE SCAN."
This image, along with the the name under which the malicious version of the app runs ("NSAListener"), suggests "a hacktivist agenda," Asrar says, but he doesn't rule out the posibility that "additional malware may target financial transactions or other data."
So what's the lesson here? It's pretty simple: Be careful when it comes to downloading apps from places other than the Google Play store or other official app markets (such as Amazon's Appstore).
Want more tech news or interesting links? You'll get plenty of both if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.