Home > Industry > Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

With 365 million users worldwide, it seems that almost everybody you know is signed up to Spotify. But those planning to test out the world’s largest music site should be aware that what looks like an ad for the service might in fact be a trap designed to steal all your sensitive information.

Cybersecurity firm ESET have discovered a number of fake Spotify sites that you enter via an authentic-looking Spotify advert, imploring you to test their service. You are then taken to a fake Microsoft Store site, and a zip file is automatically downloaded to your computer. This file (should you unzip it) will unleash Ficker, which is Trojan malware that harvests and sends data from your computer to criminals.

Ficker was delivered by Russian hacker, and was discovered this January. It saves logins, crypto wallets, credit card details, and other such data, zips it up, and sends it to whoever set up the initial Spotify trap.

So be careful: it may sound like a familiar song, but if you are downloading something, make sure the website URL checks out first.


767829

You may also like
TikTok Takes On Spotify, Apple, With Music App
Spotify Premium Users To Get Separate Play And Shuffle Buttons
Spotify Kills Off ‘Car Thing’ Despite Positive Financial Results
Music Streaming Harmful To Artists, Great For Consumers
Spotify Acquires Music Themed Wordle Clone