Katy Perry has been sued by Christian hip-hop stars, who claim her hit Dark Horse ripped off their track Joyful Noise.
They accused Katy Perry of using the 2008 track without permission, tarnishing its “devoutly religious message” with images of “witchcraft” and “black magic.”
Joyful Noise comes from Flame’s Grammy-nominated album Our World: Redeemed.
Dark Horse topped the US Billboard chart for several weeks in January.
The group of rappers – Flame aka Marcus Gray, Lecrae Moore, Emanuel Lambert and Chike Ojukwu – are seeking damages from Katy Perry, guest artist Juicy J, Capitol Records and songwriters Dr Luke and Max Martin for copyright infringement.
Katy Parry has been sued for ripping off Joyful Noise for her mega-hit Dark Horse
Court papers in St Louis, Missouri, show they also want an injunction and profits gained from the unauthorized use of their track, stating Katy Perry had performed Dark Horse at sold-out concerts throughout the US and sold millions of copies.
“The devoutly religious message of Joyful Noise has been irreparably tarnished by its association with the witchcraft, paganism, black magic, and Illuminati imagery evoked by the same music in Dark Horse,” said the rappers’ complaint.
They continued: “Indeed, the music video of Dark Horse generated widespread accusations of blasphemy and an online petition signed by more than 60,000 demanding removal of an offensive religious image from the video.”
The video for Dark Horse was edited in February this year following the complaints, with a pendant featuring the Arabic word for God being digitally “scrubbed” out of the scene.
More than 440 million people have watched the video on YouTube since February this year.
Flame said the track’s similarities to Joyful Noise were brought to his attention by his DJ, Cho’zyn Boy. The DJ compiled an audio comparison of the two songs, published by Rapzilla, after noticing comments about them on Twitter.
They claim Katy Perry and her collaborators “never sought or obtained permission” to use Joyful Noise for “creating, reproducing, recording, distributing, selling, or publicly performing” Dark Horse.
Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat’s development.
Flame, revealed last month, attacked targets in Iran, as did Stuxnet which was discovered in 2010.
Kaspersky Lab said they co-operated “at least once” to share source code.
“What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected,” Kaspersky Lab said.
Alexander Gostev, chief security expert at the Russian-based security company added: “The new findings that reveal how the teams shared source code of at least one module in the early stages of development prove that the groups co-operated at least once.”
Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat's development
Vitaly Kamluk, the firm’s chief malware expert, said: “There is a link proven – it’s not just copycats.
“We think that these teams are different, two different teams working with each other, helping each other at different stages.”
The findings relate to the discovery of “Resource 207”, a module found in early versions of the Stuxnet malware.
It bears a “striking resemblance” to code used in Flame, Kaspersky said.
“The list includes the names of mutually exclusive objects, the algorithm used to decrypt strings, and the similar approaches to file naming,” Alexander Gostev said.
Recently, a New York Times investigation – based on an upcoming book – singled out the US as being responsible for Stuxnet, under the direct orders of President Barack Obama.
The report said the threat had been developed in co-operation with Israel.
No country is yet to publicly take responsibility for the attack.
Speaking about Flame, a spokesman for the Israeli government distanced the country from involvement following an interview in which a minister seemed to back the attacks.
“There was no part of the interview where the minister has said anything to imply that Israel was responsible for the virus,” the spokesman said.
Last week, the UN’s telecommunications head Dr. Hamadoun Toure said he did not believe the US was behind Flame, and that reports regarding the country’s involvement in Stuxnet were “speculation”.
Prof. Alan Woodward, a security expert from the University of Surrey, described the findings as interesting – but not yet a clear indicator of who was behind the attacks.
“The fact that they shared source code further suggests that it wasn’t just someone copying or reusing one bit of Stuxnet or Flame that they had found in the wild, but rather those that wrote the code passed it over,” he said.
“However, everything else still indicates that Flame and Stuxnet were written designed and built by a completely separate group of developers.
“At the very least it suggests there are two groups capable of building this type of code but they are somehow collaborating, albeit only in a minor way.”
Flame malware’s makers have sent a “suicide” command that removes it from some infected computers.
Security firm Symantec caught the command using booby-trapped computers set up to watch Flame’s actions.
Flame came to light after the UN’s telecoms body asked for help with identifying a virus found stealing data from many PCs in the Middle East.
New analysis of Flame reveals how sophisticated the program is and gives hints about who created it.
Like many other security firms Symantec has kept an eye on Flame using so-called “honeypot” computers that report what happens when they are infected with a malicious program.
Described as a very sophisticated cyber-attack, Flame targeted countries such as Iran and Israel and sought to steal large amounts of sensitive data.
Flame malware’s makers have sent a "suicide" command that removes it from some infected computers
Earlier this week Symantec noticed that some Flame command and control (C&C) computers sent an urgent command to the infected PCs they were overseeing.
Flame’s creators do not have access to all their C&C computers as security firms have won control of some of them.
The “suicide” command was “designed to completely remove Flame from the compromised computer”, said Symantec.
The command located every Flame file sitting on a PC, removed it and then overwrote memory locations with gibberish to thwart forensic examination.
“It tries to leave no traces of the infection behind,” wrote the firm on its blog.
Analysis of the clean-up routine suggested it was written in early May, said Symantec.
At the same time, analysis of the inner workings of Flame reveal just how sophisticated it is.
According to cryptographic experts, Flame is the first malicious program to use an obscure cryptographic technique known as “prefix collision attack”. This allowed the virus to fake digital credentials that had helped it to spread.
The exact method of carrying out such an attack was only demonstrated in 2008 and the creators of Flame came up with their own variant.
“The design of this new variant required world-class cryptanalysis,” said cryptoexpert Marc Stevens from the Centrum Wiskunde & Informatica (CWI) in Amsterdam in a statement.
The finding gives support to claims that Flame must have been built by a nation state rather than cybercriminals. It is not clear yet which nation created the program.
Russian researchers have discovered a complex targeted cyber-attack that collected private data from countries such as Israel and Iran.
Russian security firm Kaspersky Labs said they believed the malware, known as Flame, had been operating since August 2010.
The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.
They described Flame as “one of the most complex threats ever discovered”.
Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.
Russian security firm Kaspersky Labs said they believed the malware, known as Flame, had been operating since August 2010
In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.
Others like Duqu have sought to infiltrate networks in order to steal data.
This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.
“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.
More than 600 specific targets were hit, Vitaly Kamluk said, ranging from individuals, businesses, academic institutions and government systems.
Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.
Vitaly Kamluk said the size and sophistication of Flame suggested it was not the work of independent cybercriminals, and more likely to be government-backed.
He explained: “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.
“Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group.”
Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” Vitaly Kamluk said.
The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.
It is also able to take screenshots of on-screen activity, automatically detecting when “interesting” programs – such as email or instant messaging – were open.
Kaspersky’s first recorded instance of Flame is in August 2010, although it said it is highly likely to have been operating earlier.
Prof. Alan Woodward, from the Department of Computing at the University of Surrey said the attack is very significant.
“This is basically an industrial vacuum cleaner for sensitive information,” he said.
He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.
“Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on.”
Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks – almost in the same manner as adding apps to a smartphone.