Home » News » Malware » UK and Sweden users have big chance to get infected through Spotify

UK and Sweden users have big chance to get infected through Spotify

By Gina on March 29, 2011 | Malware, Spotify malware, malicious advertisements, Windows Recovery, WindowsRecovery removal, remove Windows Recovery, fake computer security software, malicious Windows Recovery program, Spotify markets malicious ads UK and Sweden users have big chance to get infected through Spotify

Recently, new way of spreading malware has been found. This time users may be infected via Spotify which displays malicious advertisements to their free version.

Streaming music service Spotify markets Windows Recovery fake computer security software. Displayed rogue security warnings lead computer victims to website that uses the Blackhole Exploit Kit to infect PC users with malicious Windows Recovery program.

Patrick Runald, Websense Security Labs, says: „Malvertising is nothing new, but this case is slightly different. Usually malicious ads are displayed as part of a website and viewed with the browser. In this case the malicious ad is actually displayed inside the Spotify application itself. This means that it's enough that the ad is just displayed to you in Spotify to get infected, you don't even have to click on the ad itself. So if you had Spotify open but running in the background, listening to your favorite tunes, you could still get infected.“

Once fictitious advertisements are issued, they combine to uev1.co.cc where the exploit kit gains to infect users through few computer flaws or even tries vulnerability in Adobe Reader/Acrobat.

If infected you need to get rid of malware installed to your PC with reputable computer protection tool because Windows Recovery installs a rootkit which is difficult to remove or even to find.

More Malware news

Danger! Facebook private messages and Instant Messengers are infected by worm

Danger! Facebook private messages and Instant Messengers are infected by worm

According to TrendLabs, infected messages are spreading on Facebook which contain a malicious link pointing to an archive file “May09-Picture18.JPG_www.facebook.com.zip”. Zipped archive itself has a file titled “May09-Picture18.JPG_www.facebook.com” and uses the extension “.com”. Malware within is able to terminate services and processes related to AV which quickly shuts down AV from detection or removal of the worm. This detected malware is named WORM_STECKCT.EVL. Read more.


News categories

Latest news

Related news