Spotify Free (ads) causes browser to launch on malware / virus websites

There's something pretty alarming going on right now with Spotify Free. This started a several hours ago. If you have Spotify Free open, it will launch - and keep on launching - the default internet browser on the computer to different kinds of malware / virus sites. Some of them do not even require user action to be able to cause harm.

I have 3 different systems (computers) which are all clean and they are all doing this, all via Spotify - I am thinking it's the Ads in Spotify Free. I hope this has been noticed and Spotify staff are fixing it - fast. But it's still puzzling something like this can actually happen.

 

From what I have read so far I have understood this issue has been happening with Spotify Free before. Nevertheless, it's really dangerous for users and amazing how it has not been fixed. These malware launches probably happen during showing certain ads but malware / virus sites have nothing to do with the advertisers. Tells how big of a problem it seems to be (hacked server, spotify admin accounts etc)...

Hey,

 

We've identified an issue where a small number of users were experiencing a problem with questionable website pop-ups in their default browsers as a result of an isolated issue with an ad on our Free tier. We have now identified the source of the problem and have shut it down. We will continue to monitor the situation. If you see this issue again, please let us know the exact date and time in this thread.

 

Thanks as always for bringing your reports to the Community! 

Comments
Tomba_be
Casual Listener

I started having the same problem today. My browser was opened in the background, with several tabs open on ad sites. Only Spotify was running, I wasn't even using the computer when it happened. I only noticed it because it started some video on one of the pages. I assume someone managed to place some nasty ads on the Spotify ad exchange system. It's already bad if it displays ads, worse if it directs us to malicious websites, a security catastrophy the second they are able to infect a computer directly through Spotify. If nothing changed in the client, I suggest you urgently block all forms of ads that include some form of scripting,...

 

  1. What Spotify/OS version are you rocking?: Windows 10 64, Spotify 1.0.38.171.g5e1cdb7b2, Chrome browser
  2. Is this happening with a specific ad? No idea, wasn't watching the ads
  3. Any videos or screenshots would be super helpful. Attached my browsing history during that time. It shows several sites being visited. I was not using the computer, so they all got visited by Spotify. Some where definitely malicious as my Antivirus blocked them... 
  4. Have you tried reinstalling/logging out? Does that help? No, I haven't tried yet.
  5. Did it start happening after a specific event? Today.

spotifyspam.jpg

BertVI
Newbie

Having the same problem, every 5 to 10 minutes a popunder ad is opened, started today.

Coming from different ad servers. Managed to copy one of the links, maybe it helps in backtracking to the source.

 

http://a.yesadsrv.com/newServing/go.php?nid=1&cpx=cpv&uid=40095645050007&pid=373865&sid=630353&spid=...

Lord_Isopaha
Newbie

Same thing here.

  1. Spotify 1.0.38.171.g5e1cd7b2, Windows 7 x64 Enterprice
  2. It happens all the time. Can be repeated with restarting Spotify and selecting any song, ad popup opens almost immediately.
  3. Process explorer Example links
  4. I reinstalled Spotify and problem persists.
  5. Can't recall anything special.
jaldertvdbeek
Newbie

Same problem here. Running the spotify client on ubuntu 16.04 (1.0.38.171.g5e1cd7b2). Opening tabs in my default browser every 10 minutes or so. Please fix this Spotify, this is ruining my experience...

keljetdotcom
Newbie

Same issue here on OSX. Started yesterday and is driving me crazy

ncmoud
Casual Listener
  1. What Spotify/OS version are you rocking? | Spotify 1.0.38.171.g5e1cd7b2, Windows 10 Home 14393 x86
  2. Is this happening with a specific ad? | I quickly tap the Close Tab button when I see one, just for safety's sake, I don't record that information in my own memory.
  3. Any videos or screenshots would be super helpful. | I am using Spotify on my Windows 10-based tablet. I am writing this on my school's computers.
  4. Have you tried reinstalling/logging out? Does that help? | I haven't tried that yet, but as far as I see, it won't help.
  5. Did it start happening after a specific event? | I was listening to music with one of my friends before class this morning, that was when it started, we noticed it playing alongside the music trough the Bluetooth speaker.
Tomba_be
Casual Listener

Happened now several times in a row during the oyun.se, angry **bleep** ad (the bleep is replacing the plural of ball for some insane reason). This add shows several well known brands in the add (Fruit Ninja, Angry Birds, Minions,...), while linking to a games site that obviously has nothing to do with those brands. This is plain illegal advertising, copyright infringement and probably some other things as well. Fix your ad service, it's either hacked or you have made deals with some very shady suppliers.

shkkad
Newbie

I'm getting the same issue and so are my friends. They all have (including me) a macbook air with the latest version of spotify. I'd like to get a response back as soon as possible as to how to fix this issue. Thanks again!

 

EDIT: Another thing is it's affecting the main browser. As in if you're using chrome as your main browser then it will only affect chrome. One of my friends have Safari as their main browser and it's only happening on that platform.

Tomba_be
Casual Listener

And yet again... during the girlrising.com ad now. Directly afterwards again on the oyun.se ad, linking to https://welcome.unibet.be/media/bannerflow/data/unibet/landingpage/2605_76295.html?mktid=1:81750186:...   Someone is obviously making money of this... Millions of Spotify users being redirected with some affiliate links is probably pretty profitable.

Is someone even looking at this issue? This isn't just some annoyance, Spotify is actually opening dangerous websites (according to my AV). Unless you want tomorrows IT sites to have some "Spotify being used to infect users with virus" headlines, you should probably have someone taking urgent action, unlike the usual 'who cares about some annoying users' attitude.

Axedot
Newbie

Both on my dad's and my own laptop we've gotten the "b.yu0123456.com" ads mentioned by some. Have closed spotify now for a couple minutes and the ads haven't popped up.. Spotify u ok?