Malvertising resurfaces on Spotify and Facebook

Filed Under: Malware

Spotify logoThe relative lull in large malvertising attacks was unfortunately disrupted this week for both Spotify and Facebook.

Spotify is an online music service that allows users to listen to any music they want to over the internet for free. It is only available in a limited number of European countries, but still has a sizeable user base.

For those not familiar with Spotify, like many free services, they also offer a premium subscription service. While the free version is ad supported, the paid version has no ads and allows use of the service while offline, on mobiles, etc.

According to an article by John Leyden in The Register, on March 24th some Twitter users began complaining about their anti-malware software alerting on Spotify.

It looks like Spotify has fallen victim to a favorite trick of malware purveyors: Place an advertisement with a widely distributed ad network, then change the code in the ad to exploit flaws in browser code to inject malware onto users' computers.

Malicious ad on FacebookAround the same time, Naked Security reader John sent us a tip that there were malicious ads circulating on Facebook.

When you click on the ad on Facebook, you are redirected to a page saying you need to install Adobe Flash Player. The malware is served up when you click and is called AdobeFlashPlayer.exe.

Screenshot of malvertising site

I reported the ad to Facebook and their team took care of the problem in very short order. Recently Facebook has been very responsive to our spam and virus reports and that is very welcome news.

The lesson here for most of us is that trusting a brand or site does not mean that you are safe on the web. While services like Spotify and Facebook are legitimate, trusted organizations, they must derive revenue from advertisers in order to remain free.

Ad-sponsored services are great, but they cannot absolutely control all content they serve up and this gives clever scammers a window of opportunity.

The best defense is to stay vigilant and use web filtering technology to be sure that all of the files being sent to your computer are safe.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.