Malicious Ads Serving Malware to Spotify Users

Users of free music streaming service, Spotify are reporting that they have been the victims of drive-by malware attacks according to a report from Netcraft.

SpotifyUsers of free music streaming service, Spotify are reporting that they have been the victims of drive-by malware attacks according to a report from Netcraft.

The attacks appear to be coming from third party advertisements which are displayed in the ad-supported version of Spotify‘s software. By exploiting local software, attackers are able to infect unprotected computers.

One such attack, and maybe more, is known to have exploited a vulnerability in Java to push executable code onto a victim’s computer. Thus far, AVG software has identified two malicious payloads, Trojan horse Generic_r.FZ and Blackhole Exploit Kit. Both art hosted on the uev1.co.cc domain.

As of this morning, Netcraft is still receiving reports on the problem.

“Several people have reported the problem to Spotify over the past 24 hours,
and attacks are still being reported at the time of publication. It is
believed that the attacks are being launched through malicious
third-party adverts which are displayed in ad-supported versions of the
Spotify software. By exploiting local software vulnerabilities, the
attacker can then install malware on unprotected computers,” the Netcraft report said.

Suggested articles