Spotify users are complaining that Spotify Free is infecting their browsers with malware via ads on the music streaming site. The virus opened “questionable website pop-ups" on browsers, as Spotify called them in a reply to a request for help.
The issue has affected Mac, Linux, and Windows users, the BBC reported. Spotify Premium subscribers, who pay for the service, do not see any ads and were therefore not vulnerable to the attack.
Spotify user "tonyonly" posted on the Spotify Community page, “There's something pretty alarming going on right now with Spotify Free. If you have Spotify Free open, it will launch - and keep on launching - the default internet browser on the computer to different kinds of malware / virus sites. Some of them do not even require user action to be able to cause harm.” According to tonyonly, the ads do not require clicks to infect users’ computers.
Spotify responded to the tonyonly saying it had shut down the issue and that only a small number of users had experienced difficulties. The company called the incidents “isolated.”
Other users voiced their concerns on Twitter:
The BBC reported that maladvertising appeared on Spotify in 2011, the year the streaming service launched in the US, and hit users with the Blackhole Exploit Kit, a type of Trojan Horse virus. Users saw malware-infected advertising banners within their Spotify applications that then ran malicious code within their browsers. Spotify later apologized for the problem.
Austin Kramer, global head of dance and electronic music at Spotify, said at a recent conference, “Our ad team is building ways for the free product to be profitable," suggesting that Spotify is searching for new ways to serve users advertisements. Spotify, which claims 40 million paying subscribers and 100 million active users, is not yet a profitable business.
In a statement to BuzzFeed News, Spotify reiterated its message to users.