Solved: Spotify Connect Exploit - Spotiamb 0.2.1. - hijack... - Page 6

colesl4w · 2015-07-29

Hi all,

Just wanting to draw attention to this. It appears that there is an exploit for Spotify Connect which uses the Spotiamb 0.2.1 extension to hijack user accounts and play a set list of songs. Affected users will see "Spotiamb 0.2.1" appear as an available Spotify Connect device. The result is that their account will, multiple times throughout a day at random intervals, play albums by these two artists, amongst others:

Dungeonsd: https://open.spotify.com/album/66xm00as0QlKB2dOE6fUpH

Tony Oldam: https://open.spotify.com/album/3m0eumQjUDrLyAwJmkFMpi

These tracks will interrupt anything the user is currently playing.

Other users are experiencing the exact same behaviour

https://community.spotify.com/t5/Help-Desktop-Linux-Windows-Web/Random-unsolicited-song-hijacks-play...

https://community.spotify.com/t5/Help-Accounts-and-Subscriptions/Spotify-hacked-by-a-pro/m-p/1178797

Could a member of the Spotify team please comment on this? It is somewhat concerning that there appears to be an unaddressed explit capable of making user accounts play any tracks they wish.

Many thanks.

fernandaparisi · 2017-09-17

Just found out I was hijacked too. Got a screenshot from it, and checked my history for lots of tracks I've never heard of.

Logged out of all devices and changed my password, but I have to admit that freaked me out a bit 😕

irotinmyskin_ · 2017-09-21

I went to my spotify account through my browser, in the apps panel i found one by the name "lithium.com" i had never used that before, so i revoked access.. so far i'm not getting the spotiabomb thing... hopefully it will stay like that

lavsy · 2017-09-21

Changing spotify password seems to have worked for me.

What didnt work:

- deleting queue

- software updates

- deleting app

carlosfranco21 · 2017-09-25

The company takes £10 from my account for the past 6 years and I have to rely on the comunity (great comunity BTW) of users to get bugs fixed because you can't contact Spotify support. such a joke of a company. Apple Music, see you soon.

mjbrodeur · 2017-09-26

Same thing happened to me, but I had connected my account to TouchTunes, the app where you can play songs from your Spotify playlists on internet connected jukeboxes at bars. I just revoked all app access, changed my password, and logged out all devices. Hopefully that works for me too.

mjbrodeur · 2017-09-26

As an update this morning, the random songs appear to have stopped. One other thing I did last night after I posted was go into Facebook and revoke access to Spotify through Facebook itself. I didn't even know I still had that in there. So I revoked that access, and this morning I got an email from Facebook saying "It appears you're having trouble logging into your account..." and I had to go in and say I'm not trying to repeately log into my account. So could possibly be FB related as well?

jammajuice · 2017-10-07

Hi there,

I tried all the listed solutions and changed all my passwords for facebook & spotify but I'm still experiencing this issue. Will a member of the team please respond for assistance?

Paulbandarian · 2017-10-07

Not sure if anyone else experienced this, but right before the random pauses started happening on my Spotify account I was notified that there was a suspicious login to my Facebook account from "Bandung, Indonesia".

Paulbandarian · 2017-10-07

AND I just reset all my Facebook and Spotify passwords and then immediately got an email from Facebook saying that there was an attempt to login to my account again

kaanpolat · 2017-10-11

Music randomly pausing and starting again on its own for a few weeks now. Only just figured out it must related to this spotiamb BS. It is SO frustrating can't believe Spotify are not sorting it out. Never had my facebook connected to my Spotify. Have logged out of all devices and reset the password let's see if this fixes it. BTW Lithium Community is this very forum where we are writing now, doubt it has anything to do with our problem.

skiddadale · 2017-10-13

I also think it is Shazham that is causing this, revoke access it

salyangoz · 2017-10-14

coincidentally I revoked access to the shazam app and disconnected all the apps and now the perp isnt listening to explicit french rap anymore.

the device was named CAM-L21 if that makes a difference.

erikbottema · 2017-10-16

Also experienced the issue for the past couple of weeks. I've never linked my facebook or Shazam or anythink else. Just Spotify in isolation. I have linked it with several Chromecasts on our WiFi. No idea what causes the issue, but I just

1. logged out on all devices,

2. restricted offline access to all devices,

3. retricted all app persmissions

4. Changed password

Hope this helps, agree this is unacceptable.

Qntal1975 · 2017-10-25

I have also the same problem very very annoying. I tried everything to resolve it and followed the answers in this thread but no solution yet. I see online in my spotify account that an app is registered. The name is something with a L. Dont know the name. But when I remoe it it is ok for a while maybe a day or 2. But I never gave access to this app. Please spotify resolve this for your paying customers or please give us a posibility to turn of this dreadful spotify connect option!

BigJim · 2017-10-26

I also add bad symptoms: frequent interuptions in the play, and when we reconnected after a day, I could see odd songs having been played.

I did as suggested (changed my password, got rid of all connected devices, reconnected, and it seems fix. I also dont use the Spotiamb 0.2.1. stuff, no access via third party stuff, a totally isolated Spotify from the rest of my world).

And indeed, I had this for months, I think we should have been warned by Spotify. My quality of service was very poor (interuption every 10-20 min), etc.

colesl4w · 2017-10-26

2 years, 12 pages of replies, and still no official fix for this. That's absolutely insane. We are valued customers clearly.

esrem · 2017-10-31

I'm getting extremely annoyed with Spotify. I have the problem that Spotify automatically starts playing for a month now and spotiamb shows up under 'connected devices'. I have tried the following multiple times, but it doens't fix the problem:

1. Revoke all app access
2. Logout all devices
3. Change my facebook password, because I orginally signed up using Facebook

4. Log back in

What should I do???

mjbrodeur · 2017-10-31

What worked for me was revoking Spotify access through Facebook itself, logging into Facebook and revoking Spotify access, then I stopped getting this. The next day I also got a Facebook email saying "It appears you're having trouble logging into your account" and I said no I'm not. So it seems to me it was the integration between FB and Spotify.

As far as getting them to respond to this, tweet at Spotify and share this thread link. If enough people tweet publicly at them (don't use @reply, it won't show up on your timeline), maybe it will gain some attention.

yarivimarquez · 2017-11-15

I have followed all the steps as well and I keep getting these interuptions on my account. I keep logging out of all sessions and change the pasword. Please help! This is getting really annoying.

lowgman1234 · 2017-11-15

I have been a subscriber since Spotify came to the states - so YEARS and YEARS. Come to find out this has been an issue since 2015 and is STILL an issue and it is infuriating. I will be looking for refunds for the months that I have been dealing with this, as it is no fault of subscribers, and clearly Spotify's security is not up to task. I don't use facebook or any other 3rd party login method, as I specifically wanted to AVOID **bleep** LIKE THIS.

Help categories

Account & Payment

Using Spotify

Listen Everywhere

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Suggested posts

Help Wizard

Step 1

Just quickly...

FAQs

Ongoing Issues

Help categories

Account & Payment

Using Spotify

Listen Everywhere

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Spotify Connect Exploit - Spotiamb 0.2.1. - hijacks user accounts to play songs.

Suggested posts