The Jay-Z’s Magna Carta Holy Grail Trojan horse app was discovered by McAfee Mobile Security. This Android Trojan horse hides within a pirated copy of the Jay-Z app. Samsung users were targeted because the legitimate app was released exclusively for Samsung devices on Google Play.
How To Detect the Fake App
If you downloaded the Trojan application, you would realize that the infected app functions identically like Jay-Z’s legitimate app. However, in the background, the Trojan horse transmits data about your infected device to the attacker every time your phone is initiated. Like most malware, this Trojan horse attempts to download and install additional malicious packages. If you had this fake application installed on your Samsung device, you suddenly had your background wallpaper image changed to an image of President Barack Obama on July 4th. The attacker designed a time-trigger event with the Trojan horse app to swap your wallpaper image with the President Barack Obama image.
This vulnerability is a reminder of how Google Play allows apps to be published on their app store. Google attempts to keep the installation approach as open as possible. With Android, you are able to conveniently install apps through multiple means, which include Google Play, non-Android stores, and sideloading. There’s hardly any red tape a developer must encounter when compared to Apple, and consequently, this is how the bad guys submit their malicious apps.
Google launched an Android security feature called Bouncer. Bouncer scans Google Play for malware and eliminates malicious apps before they reach our Android devices. However, some security experts are not too impressed with Bouncer as they have found flaws within the system. An attacker can disguise an app from being malicious, while Bouncer is running, and deploy the malware on a user’s device. Whether Bouncer is safe or not, it’s best to download from a legitimate app store such as Google Play. Jay-Z’s Magna Carta Holy Grail Fake App was downloaded from a pirated album copy that has been found in several other sites.
How To Stay Safe from Malware
You should always be cautious about the apps you download and install on your device. The malware payload can cause damage to your mobile device, as well as intrude on your privacy and personal information. You can take the following preventive measures for installing infected apps:
- Only download from a reputable app store, such as Google Play or Amazon Appstore.
- Glance at app reviews -- People will often rate an infected app poorly and will usually warn others through the app reviews.
- Avoid downloading unofficial apps -- It's always safer to install official apps from an official app store.
- Keep your mobile device up-to-date -- Ensure you have the latest updates installed on your device.
- Don't download pirated software.
- Use strong antivirus protection such as McAfee Mobile Security