Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Solved!

Hi all,

Just wanting to draw attention to this. It appears that there is an exploit for Spotify Connect which uses the Spotiamb 0.2.1 extension to hijack user accounts and play a set list of songs. Affected users will see "Spotiamb 0.2.1" appear as an available Spotify Connect device. The result is that their account will, multiple times throughout a day at random intervals, play albums by these two artists, amongst others:

 

Dungeonsd: https://open.spotify.com/album/66xm00as0QlKB2dOE6fUpH

Tony Oldam: https://open.spotify.com/album/3m0eumQjUDrLyAwJmkFMpi

 

These tracks will interrupt anything the user is currently playing.

Other users are experiencing the exact same behaviour:

https://community.spotify.com/t5/Help-Desktop-Linux-Windows-Web/Random-unsolicited-song-hijacks-play...

https://community.spotify.com/t5/Help-Accounts-and-Subscriptions/Spotify-hacked-by-a-pro/m-p/1178797

 

Could a member of the Spotify team please comment on this? It is somewhat concerning that there appears to be an unaddressed exploit capable of making user accounts play any tracks they wish.

Many thanks.

 

 

157 Replies

I am experiencing the same problem. Been going on for months. I have reset and everything.

After resetting and unplugging all apps, I am using Spotify from my mail account, not logging in with Facebook, and it looks like the problem is solved.

I think this thing may have been preventing my Spotify from updating too as that has been failing each attempt until now. I followed the instructions in this thread just now and I hope it sorts itself. I have to say this though, aside from the interrupted service and how annoying this has been to investigate and fix myself, the most unacceptable thing here is that someone was able to do this to me at all.

 

When you have a vulnerability in your software a notification should be sent to every single user. I would respect and appreciate that and happily follow instructions from Spotify to correct it. Having to seek out an answer to something like this, tells me Spotify does not take my privacy and security seriously at all.

 

The attached message was not allowed to be said for some reason but I think you need to see it.

dc499465ecc20aa4a17039bf1567debc.png

Just had the same problem, was watching YouTube and "You're the one that I want" from Grease started playing despite the app being closed. Thought it was just a bug, then about an hour later it started playing again. Thought it was a family member playing a trick on me and somehow connected to my Spotify via a Chromecast, so clicked on available devices and saw Spotiamb 0.2.1. Disconnected from Spotify, signed out everywhere and then changed my password, and then signed out of everywhere again just in case. This is not good seeing as I have payment details connected to my account. I don't feel safe.

How do you "Revoke all App access" and "Logout all devices"?

You have to log in to the Spotify website and do it through there.

Ok, I'm logged on... there's nothing like that under settings.

Go onto account and then account overview, scroll down and it should say sign out everywhere, and then to revoke access go to apps and it'll be right there for ya.

You can do it on the Spotify web page, desktop version: click on account, and click on apps and also click on devices.

Start playing the tampered mix (sound off recommended) and press "dislike/remove artist" (next to heart button) on the horrible ambient tracks. At least speeds up the healing...

It's 2018 and this is still an issue Spotify is not addressing. I just had this problem this week and found out that Spotiamb (which I don't recall enrolling or subscribing to) is the culprit. They also ditched the idea of having 2-factor authentication for accounts to prevent this kind of hacking.

I've tried every single thing to "solve" this issue that Spotify has suggested, but the Spotiamb hacker is still appearing. I even logged out every single device and changed my password. Understandably, I'm getting pretty **bleep** that Spotify isn't taking this situation seriously and keeps blaming it on sharing your account with others. I've literally never let anyone else use my account, not to mention, the password I've changed my account to is completely unique. I've never connected my Spotify with Facebook so I really don't see where this problem is coming from. Please help me with this! 

Try to "Signout Everywhere" on Spotify web account. You can check that under Devices in your Account page. After that, try to change password.

THANKS! I've had this creepy issue for so long. Randomly my Spotify would just start playing and Spotiamb was having so much fun listening to music.

I changed my FB password multiple times but the issue remained. I hadn't realized I had a straight up login until I read your message.

Thanks! Seems like changing my straight up Spotify password solved my issue.

Great! I am glad to help!

Months ago I started logging in to Spotify with my email account, not with Facebook. I also revoked all app access, and Spotiamb has happily gone!

Daily Mix still has some ugly Spotiamb songs, but you just need to block the artist or song. In my case, everything is almost normal again.

 

Mollieandra, have you tried to change the email account you have registered on Spotify? Maybe a new email and a new password can work. In my case, it was enough to change my login from Facebook to an email. Just to be sure, verify your account and disconnect all devices and apps. I hope it works for you. I understand how annoying the Spotiamb situation is! 😞
Marked as solution

Hey folks,

Thanks for reaching out to us about this 🙂

We just wanted to let you know that if you don't have any luck with the solutions that other users have posted here, you can always reach out to our Customer Support team here. They can help make sure that your account is fully secured.

Hope that helps!