Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Solved!
Reply

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Jackso11
Newbie

I am another one who is effected. Spotify please just ban Spotilamb !

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

heldrida
Casual Listener

There's Deezer guys

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

skiddadale
Casual Listener

I would not surprise me if this was a security flaw that has been found within spotify itself.

It is about time it reached the media as they do not appear to be doing anything about it.

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Baerghuhn
Newbie

Oh yeah, I just contacted support about this and they told me, it was a valid third-party app that I just needed to revoke access for on the apps page. This really looks like a big security *bleep*-up and should be covered by the media, as spotify does'nt seem interested to fix this.

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

JohannesSwe
Newbie

I also contacted te support for the Spotiamb problem. The answer (original in Swedish):

 

"Thank you for writing to us. We have looked at your case and will investigate it.

In the meantime, as a precaution, we blocked all users - including yourself at the moment - from accessing your account. We have also deleted your payment information for security reasons and disconnected your Facebook account.

In order for us to confirm that you are the legitimate account holder, please send one of the following:
Earliest receipt for one of your Spotify payments You should be able to find it by searching for "Spotify receipt" in your inbox.
A screenshot of a Spotify payment on your bank or PayPal excerpt (make sure the date and payment reference are visible on the screen).
Once we have received the above information we can start the survey.

In the meanwhile, we strongly recommend that you change the password for the email address registered for your Spotify account (we do not mean your Spotify password, but the email address password associated with your Spotify account, such as Gmail, Hotmail, etc. .)"

 

 

Thanks alot Spotify!

I had to create a new account to share this with you...

 

 

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

user-removed
Not applicable

I am getting thouroughly sick and tired of this exploit ruining my premium music experience, I have done everything on here suggested 3 times revoking all access resetting my account, it's fine for a few days and then lo and behold it's back!

 

Spotify GET THIS FIXED!!!  There are enough users screaming their heads off over this but you dont seem to want to take this seriously!  It's not like you are the only streaming service in town!

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

kaanpolat
Casual Listener

Have you tried changing password and then revoking access? Worked for me. I must have logged on from somebody else's device at some point.

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Angelicmts
Regular

Thanks Chopp.I have been hijacked too. I followed your advice. In a few days I will share how worked for me. Thanks

Spotiamb 0.2.1. changes my daily mix content.

Angelicmts
Regular

After revocate access and reset password, I have found that the content of my daily mixes has changed, and it is aligned with the awful music that Spotiamb played with my account. Any idea to solve (besides of "just wait")?

Highlighted
Solution!

Re: Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

cnnmndsspntmnt
Casual Listener

Solved.

 

I got excellent help from the Spotify support staff.

 

We went through all the motions: facebook access, revoking, etc..  All of which I'd covered on my own.

 

And then, when we finally got to the point of cutting the cord and restarting my account, a very (very) important question got asked.  "Can you login with your Spotify account?"  My huh?  I'd logged in with FB from the get-go.  "Looks like you logged in once with a Spotify account five years ago.  Do you remember that password?"  

Nope.  But, hot-darn that was the solution.  

 

While I'd done everything under the sun to lock down my accounts, you know, since 2015, I'd left a backdoor to Spotify in the form of an account and a password I didn't care about at the time.  Who'd have thought that five years later I'd be more concerned that my AI overlord's suggestions would be torn asunder by hacking?

 

Long story short?  Changed and revoked the password.  Bonus?  The help was able to move my Discover Weekly goodness back to its original goodness.

 

All is right in the world.  

SUGGESTED POSTS