Spotify Music Service Hit by 'Blackhole' Malware Ads

The music streaming site Spotify has been found to be serving the same fake antivirus software campaign that compromised high numbers of UK servers in February, according to security companies.

Websense report that from 11.30am on 24th March, an unknown number of users of the 'free' version of the Spotify Windows desktop app were served one a range of potential remote software exploits through a rogue advert running inside the application itself.

On systems where the behaviour was not picked up by antivirus software, a bogus security application called 'Windows Recovery' would then have run. After 'running', Windows Recovery would have pretended to have found a number of errors on Windows PCs that could be fixed by taking out a license. That license would be as worthless as the software itself.

The ad doesn't need any user interaction to test the exploits against the system. It runs simply because the Spotify application has been loaded. Any members of Spotify who pay for the service and do not receive in-app advertising will not have been affected by this scam. Mobile users also escaped.

While searching for the root of the problem, Spotify turned off all ads and have yet to turn them back on.

print this article

Return to security news headlines
View Security News Archive

Share with: