Anyone who uses Spotify has been advised to update their security protection after it was revealed that that the music streaming service has been compromised with malicious advertising.
A report suggested that anyone using Spotify Free from a desktop computer could potentially be leaving their browser at risk from damaging malware.
The reason for this is down to the fact that the free version opens up adverts every few songs and these sites open in your default browser without requesting permission – some of which, could in theory at least, be malicious.
Although the problem lies with the adverts themselves rather than Spotify, several major browsers have been affected including Google Chrome and Safari. Spotify are looking into the issue but as yet have been unable to come up with a fix.
In repose to a question posted on its support forum, Spotify said: “We’ve identified an issue where a small number of users were experiencing a problem with questionable website pop-ups in their default browsers as a result of an isolated issue with an ad on our Free tier. We have now identified the source of the problem and have shut it down. We will continue to monitor the situation.”
Some very large sites have fallen victim to malvertising, including the BBC, Yahoo and the New York Times. Malvertising is created when hackers insert malicious code into third part ad networks in the hope to generate fraudulent advertising revenue.
As the paid for versions do not include adverts these are unaffected but it is more bad news for the company after it was criticized for selling data about its users to third parties.
This dates back to August of this year when a number of third parties were sold data such as your age and gender, your journey to work as well as your taste in music. This amounts to around 70 million people worldwide.