Home > Industry > Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

With 365 million users worldwide, it seems that almost everybody you know is signed up to Spotify. But those planning to test out the world’s largest music site should be aware that what looks like an ad for the service might in fact be a trap designed to steal all your sensitive information.

Cybersecurity firm ESET have discovered a number of fake Spotify sites that you enter via an authentic-looking Spotify advert, imploring you to test their service. You are then taken to a fake Microsoft Store site, and a zip file is automatically downloaded to your computer. This file (should you unzip it) will unleash Ficker, which is Trojan malware that harvests and sends data from your computer to criminals.

Ficker was delivered by Russian hacker, and was discovered this January. It saves logins, crypto wallets, credit card details, and other such data, zips it up, and sends it to whoever set up the initial Spotify trap.

So be careful: it may sound like a familiar song, but if you are downloading something, make sure the website URL checks out first.

You may also like
You Can Now Share Timestamps For Podcasts Through Spotify
Spotify Funnels Australian Revenue Through Swedish Office
Musicians Ask Spotify To Kill Controversial New Voice Recognition Software
Spotify’s Price Hike Is Good For Shareholders, Not So Good For Users
Will The Spotify Boom Cool Off Post Pandemic?