Judging by the numerous messages flooding Spotify's Twitter page, the free tier of the music streaming service has apparently been hit by a malvertising attack. People running Spotify Free on their desktops are seeing strange browser behavior: malicious ads that serve up malware appear out of nowhere and are not being blocked.
A post on the Spotify user forum explained the situation: whenever Spotify Free is open, it launches the computer's default internet browser, and keeps launching it, to various malware/virus sites. Some of these sites do not even require any user action to cause harm to the device.
The user who posted the story also said that all three of their different systems were doing this with Spotify, even though all were clean beforehand. The user noted that the problem might be the ads shown in Spotify Free and hoped the company had noticed and was working on a fix.
Users on Windows 10, Ubuntu and macOS have all reported the same issue on Twitter.
@SpotifyCares Yesterday the Spotify Free software started launching malware on my Mac's Safari on its own. Many have the same experience atm
— Taru Kalvi (@tarukalvi) October 5, 2016
Spotify has seen the problem and replied to the post on the user forum, noting that it was looking into the situation and would act accordingly after the investigation.
Malvertising is an attack in which cyber attackers hijack online ad networks, in most cases without the host site (Spotify in this scenario) knowing what is happening. The malicious ads the attackers insert then redirect users to sites where exploit kits drop a payload, which can range from ransomware to banking Trojans, all without any user interaction.
A recent malvertising attack was also seen on the popular website answers.com, which has about 2 million visitors every day. Visitors browsing the site are unknowingly targeted by the malverts. They are at risk of being infected with fraudulent and malicious ransomware on a drive-by basis, even if they do not click on any ad.
The EVP and Chief Architect at Bromium, Rahul Kashyap, said that there had been an increase in the number of malverts lately. He said data showed that last year, a quarter of the 1000 websites on the Alexa ranking had malverts on them. A really worrying number.