Spotify Community

colesl4w · 2015-07-29

Hi all,

Just wanting to draw attention to this. It appears that there is an exploit for Spotify Connect which uses the Spotiamb 0.2.1 extension to hijack user accounts and play a set list of songs. Affected users will see "Spotiamb 0.2.1" appear as an available Spotify Connect device. The result is that their account will, multiple times throughout a day at random intervals, play albums by these two artists, amongst others:

Dungeonsd: https://open.spotify.com/album/66xm00as0QlKB2dOE6fUpH

Tony Oldam: https://open.spotify.com/album/3m0eumQjUDrLyAwJmkFMpi

These tracks will interrupt anything the user is currently playing.

Other users are experiencing the exact same behaviour

https://community.spotify.com/t5/Help-Desktop-Linux-Windows-Web/Random-unsolicited-song-hijacks-play...

https://community.spotify.com/t5/Help-Accounts-and-Subscriptions/Spotify-hacked-by-a-pro/m-p/1178797

Could a member of the Spotify team please comment on this? It is somewhat concerning that there appears to be an unaddressed explit capable of making user accounts play any tracks they wish.

Many thanks.

colesl4w · 2016-11-17

I can't believe that same exploit is still going around after all this
time. Absolutely shocking, to say the least. I'm glad people have found
benefit from this thread though.

trogdortro · 2016-11-18

Getting the exact same issue - bizarre instrumental music playing from Spoitamb 0.2.1.

Changed facebook, spotify passwords and disconnected all devices - will update with results.

kurumin · 2016-11-20

Same problem here. There´s no solution?

willboot · 2016-11-20

The problem just went away for me - in fact I'd forgotten about it until this thread started up again. I mostly play Spotify through sonos these days - maybe that had something to do with it.

amarmitra · 2016-11-20

I moved to Tidal. I don't have this problem anymore.

REIMEREI · 2016-11-20

I'm now getting the same problem! And it is really getting to my nerves...

trogdortro · 2016-11-20

Update: I've completely gotten rid of Spotiamb by changing both my facebook and spotify passwords and forcing a log out of all devices several times.

Waited a full day of heavy spotify usage with no random pauses or **bleep**ty ambient music.

REIMEREI · 2016-11-20

It stopped (for now), and I only rebooted Spotify.

buschtoens · 2016-11-24

It's ridiculous how this exploit still has not been fixed. I've fallen victim, too.

FND4 · 2016-11-29

Same thing happened to me (started yesterday 11/27/16)

I have a stand alone Spotify account and I logged into the website via my phone, disconnected all devices, and changed my password. So far it hasn't returned but will update should it return.

This is a serious exploit for Spotify and it shocks me that it hasn't been fixed, you can't keep looking the other way Spotify "Support" you have to actually make an effort to remedy this before people stop paying for your premium and start with the social media blasting.

garviand · 2016-12-05

I am having this issue as well. Please fix ASAP

baaadger · 2016-12-21

Its still a thing, just happened to me

Mavi222 · 2016-12-21

It just hapened to me too. This is attrocious!

EricLopez · 2016-12-26

having the same issue here. Spotiamb's getting on my nerves already. It's only been a week since I got hijacked by this spotiamb thing. Whenever I listen to music on spotify, there'll be this one point in the middle of my playlist where all of a sudden, my music gets paused and then some weird song from an unknown artist to me gets played instead and then a pop-up window says if I want to listen on spotiamb 0.2.1. This is seriously irritating.

Atoramos · 2016-12-27

This is happening to me. Spotify uses a unique username and password, yet my session gets hijacked to play other music. Not acceptable.

H0n24x · 2016-12-27

This has happened to me, too. My account was used to play Blink Of Youth by Permanent Alias: https://play.spotify.com/track/5lL8JycJGydxJPuH7M3bpA

alexschrod · 2016-12-28

I'm going to join in here and say that I'm being affected by this too, for about a week or two at this point.

I have now tried changing my password, delete all my "offline devices" and logging out everywhere to see if it helps, although I must say that the last time I tried "log me out everywhere" I was never actually logged out of the Spotify Android app, so I don't know how well that feature really works.

Rodpulsar · 2016-12-30

Same problem here since a month or so.

I just opened a case @ Spotify. They replied me asking for some details which I just provided :

Your platform and operating system (Mac, Windows, iPhone etc.).
The version of Spotify you're running (you'll find this under About Spotify in the app's settings).
Is this happening over WiFi? 3G/4G? Both?
How much storage you have left on your device?
A full description of the issue, with as much detail as possible.
How long you've had this issue.
What actions led to it happening.
Does the issue appear on any other devices that you use Spotify on?

Also any screenshot might help them, however it's always the same screenshot : Spotiamb 0.2.1 in the Connected Devices section.

Also I disconnected from all devices and reinitialized my Facebook account Password : no change. I must add that my passwords are all 128 bits encrypted (created with KeePass), there is no chance one can get brute-forced in 10 minutes 😉

I tried to shut down my phone, thinking that it was the device that "launched" Connect, and permitted Spotiamb to Jam the system... but nope. Phone or not phone, the behavior stays the same.

So wait and see, but actually this problem is not acceptable for me. I pay 10€ each month, and was about to pay 15€ for the new "whole family account". For the moment I wait and see.

Rod

colesl4w · 2016-12-30

Hi Rod,
Thanks for doing that! Could you please also link them to this forum post?
To make them aware of just how many people have this issue and how long it
has been running for. Its shocking that an issue like this for a paid
service still hasn't been fixed or even commented on.

sbeam · 2017-01-09

I am having the same issue.

I use Facebook login.

Forced removal/log out of all devices, Spotiamb disappeared for now.

5 Minutes later Spotiamb is back on my devices list and my playback stops again 😞

Spotify Community

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Suggested posts

Let's introduce ourselves!

Help Wizard

Step 1

Just quickly...

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Suggested posts

Let's introduce ourselves!