Story image

Spotify Free hits sour note with infected ads

14 Oct 16

Some users of the ad-supported music streaming service Spotify Free got more hits than they bargained for, according to numerous reports.

It all started on Tuesday (4th), when one of its users reported an issue to their forum. It read:

There’s something pretty alarming going on right now with Spotify Free. This started several hours ago. If you have Spotify Free open, it will launch – and keep on launching – the default Internet browser on the computer to different kinds of malware / virus sites. Some of them do not even require user action to be able to cause harm.

I have 3 different systems (computers) which are all clean and they are all doing this, all via Spotify – I am thinking it’s the Ads in Spotify Free.

Within a matter of hours, Twitter users were echoing these sentiments and indicating that browsers on Windows 10, MacOS and Ubuntu were launching and spawning the suspect ads.

Spotify was hit with a similar incident in 2011 when an ad that appeared directly in their Windows desktop software installed a bogus antivirus program.

At the time, Spotify noted that users running antivirus software were protected.

Spotify’s response indicated that one ad was responsible for spawning and re-spawning multiple malicious ads.

Commenting on the story, ESET’s Lysa Myers said: “Users need to be aware that free apps come with a cost  – of extra risk due to malvertising. It might behoove people to take their business to vendors with a good track record of not using ad networks that infect users. But keep in mind that sometimes these things slip into otherwise high-quality ad networks, so it’s a good idea to keep your software – especially OS, browsers and plug-ins – regularly updated, and have anti-malware suite including a firewall on your machines. Linux and OS X are not immune, and need to be protected with security software as well.”

In 2014, Spotify experienced a data breach. While it was a highly isolated incident – only one user’s data was accessed – the music giant nevertheless took the incident seriously.

It stated at the time: “We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.

“As an extra safety step, we are going to guide Android app users to upgrade over the next few days.”

Article by an editor for We Live Security

Royole's FlexPai: So bendable phablets are a reality now
A US-based firm called Royole is delivering on that age-old problem of not being able to fold up your devices (who hasn't ever wished they could fold their phone up...)
Hands-on review: Having fun in Knowledge is Power: Decades and Chimparty
They don’t revolutionise social video gaming, but they are enjoyable enough to occupy you during a wet weekend. 
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
Tile's Mate & Pro Bluetooth trackers land in NZ
If your car keys (or your tablet) have disappeared into the void at the back of the couch or if you left them somewhere in your car, retracing your steps to find them could be a thing of the past.
Government still stuck in the past? Not on GovTech's watch
What exactly is GovTech and what’s been happening in our capital city?
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Hands-on review: The iPhone Xs
The iPhone Xs is a win that brought numerous new and exciting features to the market.
How much does your Amazon Prime Video subscription really get you?
For our NZ$8.90 per month, the average cost per title is US$0.00126 - but we only really get a choice of 416 TV shows and 4321 movies. Choice is a little bit limited compared to other countries.