Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Piracy

Spotify Has A Pirated Software Problem (404media.co) 17

An anonymous reader shares a report: People are using Spotify playlist and podcast descriptions to distribute spam, malware, pirated software and cheat codes for video games. Cybersecurity researcher Karol Paciorek posted an example of this: A Spotify playlist titled "*Sony Vegas Pro*13 C-r-a-c-k Free Download 2024 m-y-s-o-f-t-w-a-r-e-f-r-e-e.com" acts as a free advertisement for piracy website m-y-s-o-f-t-w-a-r-e-f-r-e-e[dot]com, which hosts malicious software.

"Cybercriminals exploit Spotify for #malware distribution," Paciorek posted on X. "Why? Spotify has a strong reputation and its pages are easily indexed by search engines, making it an effective platform to promote malicious links."

"The playlist title in question has been removed," a spokesperson for Spotify told 404 Media in a statement. "Spotify's Platform Rules prohibit posting, sharing, or providing instructions on implementing malware or related malicious practices that seek to harm or gain unauthorized access to computers, networks, systems, or other technologies."

Spotify Has A Pirated Software Problem

Comments Filter:
  • "The playlist title in question has been removed," a spokesperson for Spotify told 404 Media in a statement. "Spotify's Platform Rules prohibit posting, sharing, or providing instructions on implementing malware or related malicious practices that seek to harm or gain unauthorized access to computers, networks, systems, or other technologies."

    Except a link to a license key doesn't do any o that.
  • by Bahbus ( 1180627 ) on Thursday November 21, 2024 @01:27PM (#64962835) Homepage

    I've seen some stupid ways to promote malicious websites, but this may be the stupidest one yet. Anyone who would see something like that and then go to that website deserves whatever happens to them. Those people shouldn't be allowed to have technology in the first place.

    • I'm kind of surprised nobody has come up with a malformed mp3 that does something like encode pirated software or other messages directly into the music; then get patriotic singers from whatever country to participate in spreading information by selling tracks on spotify.

    • To be fair, it works even better if people writes articles detailing the links that these exploits point to. the next article will be "people use 404media articles to amplify the distribution of pirated software, malware cracks etc" followed by "people use slashdot articles ..."

    • I've seen some stupid ways to promote malicious websites, but this may be the stupidest one yet

      Eh, for all the problems it poses, I'd hesitate to say that "it's stupid" is one of them. Spotify ranks rather well on Google, so it's a great (but evil) way to ride Spotify's tailcoat and get your malware links seen.

  • by Anonymous Coward

    Stop citing IT-Clickbait.

  • Malware promoting malware, checks out!

  • Seriously they need to start introducing some level of filtering into what people upload. This link spam is just the latest problem. They also suffer with actually pirated music being uploaded, AI trash being uploaded, fake band names attempting to generate plays by imitating real bands, it's becoming a cesspool.

    • cesspool

      what % of the platform is the content you mention? I use Spotify the majority of my conscious hours and encounter nothing but smooth sailing.

      AI trash

      Related, this is the AI garbage for sale [temu.com] being show in ads on /. So far, slashdot is looking more like the cesspool than Spotify. Not saying the things you mentioned don't exist on Spotify - it's not news to me at all. Just wondering what % of the time it is in front of you.

    • Spotify is a cesspool even for artists, who get pennies on the millionth view or whatever. It shouldn't have existed, but it does because it does a better job of separating artists from the cash generated by the art. It's built on the premise of throwing more to the industry than to the creators. It's just grabbing at every possible way to do that now, with as little human interaction as possible. It's custom made for digital fraud, and now it's starting to pay off in this type of bullshit.

  • by Comboman ( 895500 ) on Thursday November 21, 2024 @01:56PM (#64962931)

    Spotify is not distributing anything. People are using plain-text playlist titles to advertise their shitty websites, just like they can do with ANY website that allows users to enter plain-text that others can read, including this one. By the way, the REAL site for *Sony Vegas Pro*13 C-r-a-c-k Free Download is goatse[dot]cx

  • by JustAnotherOldGuy ( 4145623 ) on Thursday November 21, 2024 @02:08PM (#64962979) Journal

    "The playlist title in question has been removed," a spokesperson for Spotify told 404 Media in a statement.

    Meanwhile the other 2,646,318 'titles' are still there.

    Good job, Spotify, that's so inspiring, keep up the good work...

  • by PPH ( 736903 ) on Thursday November 21, 2024 @02:54PM (#64963101)

    ... audio streams. Podcasts and music. Can't they just build a filter with some AI to knock off the stuff that doesn't match posting rules?

    Of course, podcasts could bypass this by streaming spoken word instructions as to where to download the illicit stuff. But recognizing music should be relatively simple*, as BMI and ASCAP already have clients piggy-backed on phone apps that can recognize their content, capture the location and send a bill to a bar or dance club that isn't paying their fees.

    *Sorry. The "not music, deleted" rule will knock rap recordings off the 'Net. But that's a small price to pay in the grand scheme of tings.

You are always doing something marginal when the boss drops by your desk.

Working...