Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Solved!
Reply

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Rorey
Spotify Legend

Hey folks.

 

Just to help clarify, the Spotiamb player has never been hacked to our knowledge. We believe the issue here is attackers guessing passwords. This is easy to fix.

 

@amarmitra You also need to disconnect from all devices like I mentioned in my post above. The issue may not be resolved if you only change your password. Give this a try and post back if it doesn’t work. We’ll gladly get you sorted out.

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

buurin
Casual Listener

I have been dealing with this issue for a few weeks now.

 

I used facebook to create my account though I do not believe my password was guessed by brute force (16+ characters, upper/lowercase, numbers, and symbols). Regardless, I changed my Facebook password, and logged all devices out of Facebook. Then, I logged all users out of Spotify.

 

This did not resolve the issue.

 

I have tried to create a spotify device password but I never receive the e-mail.

 

What should my next steps be?

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

gideonshils
Casual Listener

I'm having the same issue. My account is playing random songs every few hours from spotiamb 0.2.1

 

Changing my password and disconnectiong all accounts did not help.

 

Any further suggestions?

 

Edit: Case #03650348

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

gideonshils
Casual Listener
Case number from emailing support is #03650348

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

user-removed
Not applicable

@gideonshils

 

Hello:

 

Thanks for the case#. I will mention 

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

user-removed
Not applicable
I'm getting hit by this exploit as well. It's ridiculously frustrating given that I stream my music into my home system, and I get all that weird music.

How do I get a case opened for this?

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

willboot
Regular

FWIW, I did as suggested re disconnecting/passwords (again) and this time it seems to have worked. Haven't seen any sign of Spotiamb for a couple of weeks now. Coincidentally (or not!) my Netflix account was compromised as well, some Spanish-speaking guy getting a free ride on my account.

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

buurin
Casual Listener
Asking again, what should my next steps be? Details are in my previous post.

Thanks

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Rorey
Spotify Legend

Hey @buurin Our support team will need to help you out. Please get in touch with them at the following link.

http://www.spotify.com/about-us/contact/contact-spotify-support/?contact

Highlighted

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

user-removed
Not applicable

I am getting properly frustrated with the persistent hijacking of my Spotify account, despite having forced log outs from all devices time and time again. This has been going on for weeks, and I've had to pull over to the side of the road to get my playlist playing again. I'm rather sure that if an accident happened as a result of this, and Spotify's unwillingness/inability to put a stop to this, would make for an interesting talking point across social media.

 

Rorey - can you please have someone help me on this?

SUGGESTED POSTS